Summary: Security researchers have identified a new vulnerability known as “browser syncjacking,” allowing malicious extensions to gain full control of a browser and the user’s device with minimal interaction. This attack unfolds in three stages, starting from the unwitting installation of a harmful extension to ultimately achieving device hijacking. The method highlights significant gaps in enterprise security as traditional tools struggle to detect these sophisticated threats.
Affected: Browsers (specifically Google Chrome) and user devices
Key points:
- A malicious extension can authenticate the user’s browser profile through an attacker-managed Google Workspace, giving the attacker control of that profile.
- The extension can intercept legitimate downloads, replacing them with malicious files, allowing full browser takeover.
- Once browser control is established, the extension can hijack the device, enabling the attacker to access local apps, activate hardware like cameras, and exfiltrate sensitive data.
Source: https://www.infosecurity-magazine.com/news/full-browser-device-takeover/