1. Forum
  2. MicroNet
  3. MIN COMP

  • New 'browser syncjacking' cyberattack

    From August Abolins@618:400/23.10 to All on Mon Feb 10 10:53:00 2025
    02/06/2025
    New 'browser syncjacking' cyberattack lets hackers take over your computer via Chrome

    Hackers have discovered a new way to remotely take control of
    your computer - all through the Google Chrome web browser. A
    report from cybersecurity company SquareX lays out the new
    multifaceted cyberattack, which the firm has dubbed "browser
    syncjacking." At the core of the attack is a social engineering
    element, as the malicious actor first must convince the user to
    download a Chrome extension. The Chrome extension is usually
    disguised as a helpful tool that can be downloaded via the
    official Chrome Store. It requires minimal permissions, further
    cementing its perceived legitimacy to the user. According to
    SquareX, the extension actually does usually work as
    advertised, in order to further disguise the source of the
    attack from the user.

    Full Story Source: Mashable https://mashable.com/article/google-chrome-extensions-browser- syncjacking-cyberattack-hack

    --- OpenXP 5.0.58
    * Origin: (618:400/23.10)
  • From digimaus@618:618/1 to August Abolins on Mon Feb 10 18:51:28 2025
    August Abolins wrote to All <=-

    At the core of the attack is a social engineering
    element, as the malicious actor first must convince the user to
    download a Chrome extension.

    That's not hard these days with how absolutely uneducated they are about
    online safety.

    When I worked for John Deere, we had a major phishing incident because
    people who had master's and doctorate degrees in logistics were opening
    emails with payloads. You would not believe how much work IT had to do to
    fix things and yet when we told them not to open that again, we were
    ignored. That entire factory was and is still filled with uneducated hicks.

    I'm so glad I don't work in factory IT anymore.

    People deserve what they get by ignoring warnings.

    -- Sean

    ... It's not a bug. It's an unintended feature.
    --- MultiMail/Linux
    * Origin: Outpost BBS * Johnson City, TN (618:618/1)
  • From Kurt Weiske@618:300/16 to digimaus on Tue Feb 11 07:00:42 2025
    digimaus wrote to August Abolins <=-

    When I worked for John Deere, we had a major phishing incident because people who had master's and doctorate degrees in logistics were opening emails with payloads. You would not believe how much work IT had to do
    to fix things and yet when we told them not to open that again, we were ignored. That entire factory was and is still filled with uneducated hicks.

    I had the opposite experience - I worked for a company that did screen
    savers, and the head of engineering only hired people from a handful of
    schools. Many of the algorithms behind those patterns were mathematical
    or physics-based, and he had coders with backgrounds in each.

    They were the most sanctimonious, "I could do IT's job better than IT"
    lusers I'd ever supported.

    We did have an Australian coder who made me laugh. He opened a helpdesk
    ticket that claimed that "the laserwriter in engineering has gone
    billy"




    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (618:300/16)