Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Beware! Google Chrome's Malicious Extensions Are Causing Facebook Click Fraud!

 


Digital Marketers are using different strategies to generate maximum traffic to their webpages. They are using attractive and unique "Click-bait" titles to attract internet users. On the other hand, cyber crooks are using illegal strategies to get more click revenue. Recently a 19 years old security researchers discovered that cyber criminals are using malicious extensions on "Chrome Browser" to generate sketchy Facebook likes.

 

What is the Scenario?

Maxime Kjaer, student of Switzerland's Swiss Federal Institute of Technology was seeing his Facebook account. He noticed that one of his friend is continuously liking vulgar and adult links on Facebook such as "Basic Kissing Tips" etc. These links contains hundred of likes but not a single comment was present. When he opened that link, the browser redirected him to another webpage. On that webpage he got a message to install "Viral Content Age Verify" named chrome extension to view the content of website.

This was not an only extension, there were nine more Chrome Extension like this. These extensions were registered under a website "viralands.com". Google have removed all of these extensions now. According to a report, there were more than 1,30,000 users of these extensions.

 

Where is the Vulnerability?

The vulnerability found by Kjaer is called "Glaring Security Hole". This vulnerability was present in the Web store of Google Chrome, which was allowing hackers to upload malicious extensions. Hackers were uploading malicious extensions and they were targeting victims by social engineering.

 

Working Process of These Extensions

When victim clicks on the install button of "Viral Content Age Verification" extension, "manifest.json" named file enters into the system. This files is working in three different files:

 

  • Query-String.js
  • install.js
  • background.js

 

Also read: Delilah Malware Can Record Your Videos Anonymously, to Blackmail You For Becoming a Insider Threat!


The malicious code is present in the "install.js" file. Rest of the files are safe. Hackers are controlling "install.js" file through command and control server. This file is getting malicious payload from two different urls. This malware is capable to steal tokens of all websites. It can also steal the login tokens of Facebook, you tube and financial websites and hackers can get full control of your accounts.

  • List of Malicious Extensions
  • Viralands Age Verify
  • Viral Content Age Verify
  • Content Age Verify
  • Age Bypass For YouTube
  • Restricted Content Verification

 

Google's Action Against it

All these extensions now have been blacklisted by Google. It will be automatically disappeared from the infected computers. Users of these extensions, need to change passwords of their Facebook account. Users need to understand that, cyber criminals are using different type of techniques to hack their social accounts. They need to aware themselves about it.

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.