Today, almost every computer user leverages a variety of web browsers to surf the internet — Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari are some of the popular browsers in use in recent times.
It is very important to configure internet browser(s) in a secure way because vulnerable web browser(s) can lead to various problems such as malicious code injections, spyware, phishing attacks, etc. Hackers can even control user systems due to poorly configured browsers. In a nutshell, there are a large number of threats from software attacks that take advantage of vulnerable web browsers.
Researchers have observed that new software vulnerabilities are being exploited and directed at web browsers through the use of compromised or malicious websites.
Recently more than 500 browser extensions have been found by researchers which were downloaded from Google’s Chrome Web store. These extensions secretly uploaded users’ private browsing data to servers which were controlled by attackers.
The aforementioned browser extensions do not exist anymore, but the malicious plugins have been downloaded millions of times in Google’s Chrome web application. Google has managed to clean these (500) chrome extensions which were uploading the private data of users.
The extensions were almost always inserted and hidden in tools providing promotions and advertising to ultimately engage and redirect to malvertising. Jamila Kaya, an independent researcher, discovered this fraudulent scheme.
According to the researcher, every plugin initially connected to a domain containing the keywords similar to the plugin’s name. Subsequently, the plugin then diverted to a server controlled by hackers which could monitor –
- Instructions and locations to upload user data
- Advertisement lists that need to be published
- Other malicious domains to redirect users
The browser once infected, started the upload of sensitive user data.
Typically, the plugin’s extensions usually show advertisements inside a user’s browsing session. The real problems begins when these ad schemes redirect the users away from the actual website and forcefully move them to unintended web destinations.
The beauty of such fraud was that the users didn’t even notice this phenomenon considering the fact that most websites use similar techniques with aggressive advertising that normally does redirect users.
The risk of vulnerable web browsers was observed due to the below user actions:
- Downloading and Installing various plugins without considering the data security factor, ultimately compromising on browser security.
- Installing third-party software having no security mechanism to deal with suspicious activities.
- Not knowing how to configure web browsers in a secure way and by not practising caution.
- Clicking on the links without having a sense of risk and by having no knowledge of web page redirection to unexpected sites.
- Installing additional software that websites ask for, putting computers at a certain risk.
As a result, attackers leverage popular and easy ways to penetrate the user’s computer system and exploit the vulnerabilities.
Hence, installing antivirus software in computers which provides the solution to browser level protections and security is a must. This is needed because irrespective of the amount of precautions users might take, hackers will always find newer ways to attack.
How does Quick Heal help in resolving this problem?
Quick Heal provides a premium Browser Sandbox solution which increases browser security levels manifold along with regulating a browser’s access to personal data.
Browsing protection security also prevents a browser from encroaching confidential folders and prevents from modifying protected data.
Files downloaded while browsing websites are also monitored in the specified downloaded folder(s).
Subject Matter Expert:
Swapnil Nigade|Security Labs