Researcher warns "zombie browsers" are skyrocketing

By , Network World |  Security

MIAMI -- Some Web browsers can be tricked into using so-called "malicious extensions" that can give hackers the ability to hijack the user's session, spy on webcams, upload and download files, and in the newer mobile-device area, hack into Google Android phones.

Zoltan Balazs, IT security consultant at Deloitte Hungary, spoke about the topic he calls "zombie browsers" during this week's Hacker Halted Conference in Miami. He said up until a year ago, only 10 of these browser malicious extensions were known to exist, but this year has seen 49 new ones already. "It's skyrocketing," Balazs noted, and he faulted the anti-virus vendors for allegedly not addressing the issue at all.

Researcher shares blow-by-blow account of advanced persistent threat

"Even after two years, none of the anti-virus vendors detect these," he said, saying he's issuing a plea for them "to try harder on detecting malicious extensions."

In his talk, Balazs explained how malicious extensions in Firefox, Chrome and Safari have been created by attackers that try to get them added to the user's browser through Web-based drive-by downloads or infected attachments. The result might be giving the attacker a way to steal data or spy on you, he said.

In terms of advice to companies concerned their user base might fall victim to this, he said setting controls on applications can help, plus in Chrome it's possible to control the extensions the user can use.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness