Derek891 Posted January 20, 2014

I came across this article yesterday describing yet another internet exploit to be aware of. It seems the people with the black hats have found a way to load adware and malware onto a user's machine by using the automatic updates to Chrome browser extensions:

http://arstechnica.com/security/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/

"A first-hand account of this, which was first spotted by OMGChrome, was given by Amit Agarwal, developer of the "Add to Feedly" extension. One morning, Agarwal got an e-mail offering "4 figures" for the sale of his Chrome extension. The extension was only about an hour's worth of work, so Agarwal agreed to the deal, the money was sent over PayPal, and he transferred ownership of the extension to another Google account. A month later, the new extension owners released their first (and so far only) update, which injected adware on all webpages and started redirecting links. Chrome's extension auto-update mechanism silently pushed out the update to all 30,000 Add to Feedly users, and the ad revenue likely started rolling in. While Agarwal had no idea what the buyer's intention was when the deal was made, he later learned that he ended up selling his users to the wolves. The buyer was not after the Chrome extension, they were just looking for an easy attack vector in the extension's user base."

Start every day with a smile and get it over with. - W.C. Fields

Alan_B Posted January 20, 2014

I specifically anticipated that Firefox would be vulnerable to such hijacks when Mozilla introduced their capability to auto-update Firefox. The only thing I cannot remember is whether I ran like a scalded cat for a different browser when I realised, or whether I just felt pleased with myself because I had already totally UN-installed Firefox because I had the aggravation of needing to frequently update.

Winapp2.ini Posted January 20, 2014

I don't think you can transfer ownership of addons in the Mozilla ecosystem.

winapp2.ini additions thread winapp2.ini github

Winapp2.ini Posted January 20, 2014

http://www.theverge.com/2014/1/20/5326582/google-bans-chrome-extensions-purchased-to-deliver-adware

Relevant article

Alan_B Posted January 20, 2014

Actually my concern was NOT rogue extensions to Firefox, but that Mozilla was incorporating into Firefox the ability to automatically accept updates that APPEARED to have originated from Mozilla, and I had concerns that the bad guys might have the ability to "authenticate browser updates as coming from Mozilla" (Whatever that might mean - I just know that in the face of the unknown I prefer to avoid.)

Winapp2.ini Posted January 20, 2014

Updates for Firefox are prepared by Mozilla's AUS (Automatic Update System) which was/is in the process of being upgraded as of a few months ago. From what I understand, it calls back to the update server to ask if there's anything new going on, and I'm fairly sure that much is hardcoded since it required a bug and patch to change, so I don't see it as being compromisable.

Moderators hazelnut Posted January 21, 2014

Sorry Derek that your topic seems to have gotten derailed after your first post. Hopefully Chrome will watch this situation like a hawk in future...they need to.

And just to muddy the waters slightly

http://www.ghacks.net/2014/01/18/monitor-extension-updates-chrome-firefox/

Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com

Derek891 (Author) Posted January 21, 2014

> http://www.theverge.com/2014/1/20/5326582/google-bans-chrome-extensions-purchased-to-deliver-adware
> Relevant article

Thanks for the link Winapp2, I'm glad to see that Google has responded quickly and decisively to this problem.

> Sorry Derek that your topic seems to have gotten derailed after your first post.

I don't mind at all. I think it's more important that people understand the potential vulnerabilities in both Chrome and Firefox. I try to never allow any application to automatically update itself without my knowledge or consent. I've been burned in the past and would prefer to have software that's one or two versions out of date and still working rather than something that is problematic, or worse, riddled with malware.
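
An added example, not part of any post in this thread: one way to notice the kind of update described in the first post is to compare an extension's `manifest.json` before and after an update and flag newly gained access to all sites. The function names and both sample manifests are constructed for illustration.

```javascript
// Added example: diff two versions of a Chrome extension manifest and
// report access the update gained. Sample manifests are constructed.
const BROAD = new Set(['<all_urls>', '*://*/*', 'http://*/*', 'https://*/*']);
const isHost = (p) => p === '<all_urls>' || p.includes('://');

// Every host pattern the extension may run on or request access to.
// Older manifests list hosts under "permissions"; newer ones also use
// "host_permissions". Content-script match patterns count as well.
function hostPatterns(m) {
  const out = new Set((m.permissions || []).filter(isHost));
  for (const p of m.host_permissions || []) out.add(p);
  for (const cs of m.content_scripts || []) {
    for (const pattern of cs.matches || []) out.add(pattern);
  }
  return out;
}

// API permissions are the "permissions" entries that are not host patterns.
function apiPermissions(m) {
  return new Set((m.permissions || []).filter((p) => !isHost(p)));
}

function diffManifests(oldM, newM) {
  const added = (a, b) => [...b].filter((x) => !a.has(x)).sort();
  const newHosts = added(hostPatterns(oldM), hostPatterns(newM));
  return {
    from: oldM.version,
    to: newM.version,
    newPermissions: added(apiPermissions(oldM), apiPermissions(newM)),
    newHosts,
    // Hold the update for manual review if it now reaches every page.
    needsReview: newHosts.some((h) => BROAD.has(h)),
  };
}

// Constructed sample: a small helper extension scoped to one site...
const oldManifest = {
  version: '1.0.0',
  permissions: ['activeTab', 'https://reader.example/*'],
};
// ...and an update that adds a content script matching all pages.
const newManifest = {
  version: '1.1.0',
  permissions: ['activeTab', 'https://reader.example/*', 'webRequest'],
  content_scripts: [{ matches: ['<all_urls>'], js: ['inject.js'] }],
};

const report = diffManifests(oldManifest, newManifest);
console.log(JSON.stringify(report, null, 2));
```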