This story was originally published on HackerNoon at: https://hackernoon.com/squarex-discloses-browser-syncjacking-a-new-attack-technique-that-puts-millions-at-risk.
However, until now, due to the limitations browser vendors place on the extension subsystem and extensions, it was thought to be impossible for extensions to ga
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #squarex, #cybernewswire, #press-release, #squarex-announcement, #cyber-threats, #cyber-security-awareness, #good-company, and more.
This story was written by: @cybernewswire. Learn more about this writer by checking @cybernewswire's about page, and for more stories, please visit hackernoon.com.
SquareX reveals a new attack technique that shows how malicious extensions can be used to completely hijack the browser, and eventually, the whole device. The attack begins with an employee installing any browser extension. The extension then “silently” authenticates the victim into a Chrome profile managed by the attacker’s Google Workspace.