We have bad news for Google Chrome users: many of the extensions available in the Chrome Web Store can be considered untrusted, and some are even malware. The problem is serious because the browser itself has quite limited functionality, e.g. compared to Mozilla's Firefox. For a long time, its shortcomings have been compensated for by various kinds of extensions. As it turns out, those who use them expose themselves to the risk of leaking important data.
This information was revealed during the 23rd USENIX Symposium devoted to issues related to computer security. Researchers taking part in it presented a tool called Hulk, which examined a large number of extensions for Google's browser. The study covered a total of as many as 48,332 of them, a very significant number. Behavior that can be described as harmful characterized 130 of them. That is not much, but the report also speaks of 4172 extensions that can be considered suspicious and should be treated with caution.
The extensions we do not want to see in our own browser showed different kinds of behavior. Some tried to defraud affiliate programs, others stole logins, and others injected their own ads with their own IDs so that they, and not the owner of the site, could earn from the user. Fraud on social networks was also common. A major problem turned out to be extensions that modified HTTP security headers, which allowed them to execute JavaScript code in the web pages being visited.
There were more than 3000 such extensions. One of them injected its code into every visited page and, according to the store, had been installed more than 5.6 million times (this can be considered a kind of infection). Another tried to replace ads with its own and, if that did not work, changed the affiliate ID contained in the ads appearing on the page to a false one, which was meant to generate profit for its author. Number of installations: more than 1.8 million. The crowning example of malicious software in the store was, in turn, "Chrome Keylogger", which was used to capture data from the browser and then send it to a remote server. As you can see, real "pearls" can be found among them, just waiting for our data and happy to send it to an attacker.
Of course, every extension must declare the permissions it requires, which can be checked both in the store and in the user's browser. Sometimes the descriptions are too terse: "see and change all your data on the websites you visit" does not tell a layperson much; in practice it means, for example, the ability to replace elements on web pages (such a permission is required by, among others, the popular AdBlock). Google is trying to reduce the risk of this type of situation by verifying each submission. But the truth is that neither a quick manual check nor automated analysis is able to catch all malware. Problems of this type have occurred for a long time on the Android platform; now you can see that they also apply to the desktop version of Chrome.
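A static check a defender can run over an extension's manifest.json to surface the broad permissions discussed above: access to all sites, code injected into every page, and the blocking webRequest capability that makes rewriting HTTP security headers possible. This is an added example, not code from the Hulk researchers or from Google; the sample manifests and the finding ids are constructed for illustration.

```javascript
// Added example: static triage of a Chrome extension manifest.json.
// Permission names are real Chrome extension API strings; the sample
// manifests below are constructed for illustration.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

function broadPatterns(list) {
  return (list || []).filter((p) => BROAD_HOSTS.has(p));
}

function auditManifest(manifest) {
  const findings = [];
  const perms = manifest.permissions || [];
  // MV2 mixes host patterns into "permissions"; MV3 uses "host_permissions".
  const hosts = broadPatterns(perms.concat(manifest.host_permissions || []));
  if (hosts.length > 0) {
    findings.push({ id: "all-sites-access", detail: hosts.join(", ") });
  }
  // Content scripts matching every site run extension code in each page.
  for (const cs of manifest.content_scripts || []) {
    if (broadPatterns(cs.matches).length > 0) {
      findings.push({ id: "inject-every-page", detail: (cs.js || []).join(", ") });
    }
  }
  // Blocking webRequest on all sites lets an extension rewrite response
  // headers, including security headers such as Content-Security-Policy.
  const canRewrite = perms.includes("webRequest") && perms.includes("webRequestBlocking");
  if (canRewrite && hosts.length > 0) {
    findings.push({ id: "can-modify-headers", detail: "webRequest + webRequestBlocking" });
  }
  return findings;
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_BROAD = {
  manifest_version: 2,
  name: "sample-coupon-helper",
  permissions: ["webRequest", "webRequestBlocking", "<all_urls>", "storage"],
  content_scripts: [{ matches: ["*://*/*"], js: ["inject.js"] }],
};
const SAMPLE_NARROW = {
  manifest_version: 3,
  name: "sample-notes",
  permissions: ["storage"],
  host_permissions: ["https://notes.example.com/*"],
};

function findingIds(manifest) {
  return auditManifest(manifest).map((f) => f.id);
}
console.log(findingIds(SAMPLE_BROAD), findingIds(SAMPLE_NARROW));
```

A finding here means the extension holds the capability, not that it abuses it; legitimate ad blockers trigger the same flags, which is why the publisher's trustworthiness still matters.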
A positive step by Google in terms of security (which does not, of course, mean usability) was blocking, in version 33 of Chrome, extensions from outside the official channel, i.e. the Chrome Web Store. If you use this or a later version, you can install browser extensions only from the official store; as a result, any unwanted extensions, such as junk installed along with other applications, are blocked automatically. This applies even to extensions bundled by the makers of security suites. Extension authors were encouraged to publish them in the store instead of "installing in the wild". Installing such extensions is possible only in development versions of Chrome, with the caveat that they must be installed again after restarting the browser.
What can we, the users, do in this situation? Changing to another browser does not necessarily improve the situation, because there is no guarantee that, for example, add-ons for Firefox are fully secure. A good solution is to use only the best extensions provided by trusted publishers. Although Chrome wrapped in extensions becomes a very advanced and convenient tool, sometimes the price for it may be too high. I do not know what the situation is in the case of Opera. It is possible that attackers copied their extensions to its store as well, so let's stay cautious.