Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Chrome extensions transforming into adware

July 14th 2017 in Google Chrome

Recent incident:

https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/

Such trickery has been going on for years.  Google changed its policy back in 2014 so that extensions could only be ‘single purpose’ but that hasn’t stopped it.

Reality is, although Chrome does prompt the user to accept new permissions if a previously innocuous extension has been updated to introduce advertising functionality, the typical end user won’t understand what they are agreeing to. And, if the extension already has the required permissions, there is no prompt.

Apparently the seller of Particle signed a non-disclosure agreement, so we don’t know who the bad actor is.




required



required - won't be displayed


Your Comment:

Microsoft released patches against the infamous Wannacrypt (SMB) vulnerability for older operating systems going back to Windows XP. Get them from the Microsoft website:
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

They later issued warning about “potential nation state activity” and issued additional security patches. Again, get them from the Microsoft website. Those patches can be found at the URL below.
https://support.microsoft.com/en-us/help/4025687/microsoft-security-advisory-4025685-guidance-for-older-platforms

Each patch needs […]

Previous Entry

Archives