They are distributed through Chrome Web Store, initially known as the Google Chrome Extensions Gallery. Its extensions are “ written using web technologies like HTML, JavaScript, and CSS. Nowadays, Chrome is continuously improved and runs on Windows, Linux, macOS, Android and iOS. Malicious Chrome Extension – Some DetailsĪs StatCounter clearly shows, Google Chrome is the most commonly used browser, so let’s see how a malicious Chrome extension can affect it.Ĭhances are you also read this article using Chrome, so pay attention. Bad programming practices and vulnerabilities also play their role in extension security. As the number and popularity of browser extensions grow, so too does the urgency to tackle this important attack vector. Forecasts of growing security problems around extensions have materialised, as cybercriminals/rogues tap into the rich data contained in Web browsers for profit/manipulation. Malicious browser extensions are being leveraged in various types of attacks, ranging from data theft, spying, and more. They are written by third parties however, not all third parties have the best interest of the end-user at heart. ![]() Well, as the European Union Agency for Cybersecurity notes,īrowser extensions are implemented with standard web technologies, such as HTML and JavaScript. What is a browser extension?Īs their name suggests, browser extensions are pieces of software that “ extend your web browser with additional features, modify web pages, and integrate your browser with the other services you use.” Evernote, Grammarly, LastPass, JoinTabs ar a few browser extension examples. In the following years, other browsers were developed: Lynx in 1992, Mosaic in 1993, Netscape Navigator in 1994, Microsoft’s Internet Explorer in 1995, Opera in 1998, Apple’s Safari in 2003, Mozilla’s Firefox in 2004, Mobile Safari in 2007, Google Chrome in 2008, Opera Mini in 2011 and Microsoft Edge in 2015. Nexus was a browser-editor, allowing users to also create pages, not only browse them. It was called The WorldWideWeb, but was renamed Nexus to avoid any confusions. The first browser appeared in 1990, created by W3C Director Tim Berners-Lee. Browsers can also display other more advanced material like interactivity and animations made with JavaScript with internal JavaScript interpreters. ![]() The browser then communicates with the network to ask for all the documents that make up the page. After that, it sends a Hypertext Transfer Protocol (HTTP) request to the web server, which sends a response with HTML, CSS, and other content files to the browser. This basically means that every URL has an equivalent set of numbers – the IP address – and the DNS translates it into language so we can type “” instead of “74.125.134.102”. It does this by first performing a Domain Name System (DNS) look to find the correct IP address. When you search something on Google and click on a link or enter a URL in the address bar, the webserver locates and sends the information you just requested to the web browser. The browser acts as a client to contact the web server and request information. How does it work? SmartBear nicely describes the process : Malicious Chrome Extension – Some Definitions What is a web browser and how does it work?Ī web browser is “ a software application that retrieves and displays information from a server including web pages, text, images, videos, and other content.” Today we’ll come back to the browser security topic and we’ll find out what is a malicious Chrome extension and how it can affect the cybersecurity of your company. ![]() ![]() A few months ago I was writing about my preference for using web applications due to the fact that they allow me to move between browsers tabs swiftly.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |