You must Register or Sign in to your Cyware account to perform this action
×Once you are logged in, you will be able to:
Customize your feeds by selecting categories you like
Comment on or Like an article
Receive the latest security stories, trends, and insights in your inbox
Build your profile and login across multiple devices
Bookmark a story and read it later
- Home
- Hacker News
- Malware and Vulnerabilities
- Malicious websites could exploit Extension APIs to grab browser data
Malicious websites could exploit Extension APIs to grab browser data
Malicious websites could exploit Extension APIs to grab browser data- January 21, 2019
- |
- Malware and Vulnerabilities
/https://cystory-images.s3.amazonaws.com/shutterstock_575551612.jpg "Malicious websites could exploit Extension APIs to grab browser data")
- APIs for 197 browser extensions are under the scanner for security issues, said a researcher.
- Along with making browser data vulnerable, attackers can even get into user accounts such as their social media profiles or work accounts.
A security researcher from France has brought in a new revelation. In his research study, Doliere Francis Somé of INRIA, France uncovered vulnerabilities in extension APIs for browsers.
It appears that noxious websites have been tweaking these extension APIs to steal browser data such as cookies and bookmarks.
In addition, Somé also demonstrated that APIs were also used to download malicious files and store them in the users’ external storage so that it can be used to track their activity on their devices as well.
The French researcher’s paper has detailed how web applications take unfair advantage through APIs. “Our results demonstrate that the communications between browser extensions and web applications pose serious security and privacy threats to browsers, web applications and more importantly to users,” indicates the study.
The threat model in the paper highlights six security and privacy threats such as code execution, same origin policy (SOP) bypass, reading cookies, initiating downloads, reading other browser data, and data storing.
Tools to detect suspicious activity in APIs
Somé has developed a tool to check if APIs can be exploited by malicious websites. In his study, this static analysis tool analyzed around 78,000 extensions for Chrome, Firefox, and Opera browsers. Among them, 197 extensions were flagged as serious threats and said to be the most vulnerable to attackers.
Thankfully, Somé has informed the browser developers of the threats. Firefox was quick to resolve this by removing the extensions. Chrome and Opera are reportedly yet to fix all the extensions.
The online tool can be found here. All the user needs to do is enter the manifest file of the extension and the tool displays vulnerable APIs.
- + Aware
Get such articles in your inbox
News
-
/https://cystory-images.s3.amazonaws.com/shutterstock_513056479.jpg)
Previous News BlackRock inadvertently exposes confidential information of thousands of financial adviser clients- January 21, 2019
- |
- Breaches and Incidents
-
/https://cystory-images.s3.amazonaws.com/shutterstock_465668897.jpg)
Next News Ryuk Ransomware: A brief look into the ransomware’s origin and its high-profile attacks- January 20, 2019
- |
- Malware and Vulnerabilities
Popular News
/https://cystory-images.s3.amazonaws.com/iStock_000083026757_Medium.jpg)
/https://cystory-images.s3.amazonaws.com/shutterstock_302129432.jpg)
/https://cystory-images.s3.amazonaws.com/shutterstock_171257957.jpg)
/https://cystory-images.s3.amazonaws.com/shutterstock_202780831.jpg)
/https://cystory-images.s3.amazonaws.com/shutterstock_423598096.jpg)
Related News
/https://cystory-images.s3.amazonaws.com/shutterstock_448372129.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/ba30_shutterstock_1254115477.jpg)
Categories
Get such articles in your inbox
News
-
Previous News BlackRock inadvertently exposes confidential information of thousands of financial adviser clients
- January 21, 2019
- |
- Breaches and Incidents
-
Next News Ryuk Ransomware: A brief look into the ransomware’s origin and its high-profile attacks
- January 20, 2019
- |
- Malware and Vulnerabilities
Popular News
Related News
Categories
