Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
How browser plugins can leak corporate secrets
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How browser plugins can leak corporate secrets
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,940
Threads: 8,890
Thanks Received: 8,767 in 6,926 posts
Thanks Given: 9,659
Joined: 12 September 18
#1
Lightbulb  09 September 19, 07:41
Quote:
[Image: browser-history-leak-featured-1.jpg]

In July 2019, researcher Sam Jadali discovered several extensions for the Chrome and Firefox browsers that collect browsing history and transfer it to a third party. Moreover, he found a platform where such data is bought and sold.

This may not set off any alarms. So what if someone finds out that one of your employees has visited a contractor’s website or even logged in to a corporate account in a social network? All the attackers get is the address. They can’t access any other information, so who cares? Well, these extensions periodically leak internal company data, and here’s how.

Links that reveal everything about you

The social networks and official websites of your contractors and partners likely do not divulge any secret information. You should be more concerned about “closed” pages, which are accessible only through unique links can be used to leak information. In reality, the only thing protecting these pages is their secrecy: Outsiders do not know their address. Here are several examples of such pages.

Online conferences

Suppose your company makes extensive use of Web conferences where employees from different departments discuss current plans, organize brainstorming sessions or simply receive information from management. Many platforms exist for conducting these types of conferences. For some, you need a key to participate, but small companies often use free or low-cost solutions that require only a link containing a unique meeting identifier that the organizer sends to all interested parties. This is all that is needed to allow a participant to join an event.

Now, imagine that one of the employees who received this link has an extension installed in their browser that siphons off information to outsiders. As soon as he or she joins the conference, this unscrupulous plugin sends its URL to a marketplace. An attacker who is trying to collect information about your company or is just looking for an opportunity purchases your employee’s browser history, from which he can see that one of the accessible meetings is taking place right now.

Nothing prevents the buyer of this link from joining the meeting. Of course, the other participants will receive a notification that someone has joined the event. But if several dozen people are attending and not all of them know each other, then hardly anyone will question who this unknown participant is. As a result, everything that is said during the conference will become known to the outsider.
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
AMD reportedly set to launch EPYC 4004 ...
AMD launches EPYC 40...harlan4096 — 09:39
NoVirusThanks OSArmor v2.0.0.0
OSArmor has been u...harlan4096 — 07:10
Apple releases iOS 17.5.1 to fix Photo g...
Apple has released...harlan4096 — 07:08
Microsoft announces Copilot+ PCs and AI-...
On a special event...harlan4096 — 07:06
1.0.98 release (2024/05/19)
1.0.98 release (20...harlan4096 — 06:32

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (37)axuben
avatar (38)ihijudu
avatar (48)Mirzojap
avatar (34)idilysaju
avatar (38)odukoromu
avatar (44)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>