this post was submitted on 02 Dec 2025

103 points (97.2% liked)

cybersecurity

5299 readers

4 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

103

Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware (go.theregister.com)

submitted 2 weeks ago by PhilipTheBucket@piefed.social to c/cybersecurity

32 comments fedilink hide all child comments

top 32 comments

sorted by: hot top controversial new old

[–] GasMaskedLunatic@lemmy.dbzer0.com 21 points 2 weeks ago

If only Google had prevented Chrome users from installing open source extensions from other platforms where Google doesn't check the code's changes and forced the ~~Chinese government~~ developer to upload a picture of their ID and pay a $5 fee, this could have been prevented!

[–] sp3ctr4l@lemmy.dbzer0.com 10 points 2 weeks ago (1 children)

Oh, huh, sucks for normie morons I guess.

This message was brought to you by entirely unprompted and uncompensated shilling for Waterfox

[–] Nighed@feddit.uk 2 points 2 weeks ago (1 children)

Either a browser is bad because it doesn't allow extensions.... Or it bad because it does and lets users install insecure stuff..... Or it's bad because it locks the extensions down so much you can't do anything useful with them.

Which type of bad are you shilling for?

[–] sp3ctr4l@lemmy.dbzer0.com 0 points 2 weeks ago (1 children)

Uh, genuinely no clue what you're talking about.

I just know that I can configure Waterfox to be both private/secure, and functional, fairly easily, and with most other browsers, that's quite difficult, largely due to them being fundamentally controlled by giant corporations who have being a datamonger as a very significant element of their overall business model, who very much want you to watch the ads.

And... because its based on / is a fork of Firefox... it was not vulnerable to or affected by this sleeper malware.

Even if that's not directly a result of some kind of software design/engineering paradigm type difference, and is just a kind of security through obscurity/non-popularity... thats still a very valid approach to using a computer system privately and securely.

[–] Nighed@feddit.uk 0 points 2 weeks ago (1 children)

Why can't Firefox be effected by this?

Does chrome not ask about plugins requesting new permissions or something?

[–] sp3ctr4l@lemmy.dbzer0.com 2 points 2 weeks ago (1 children)

Because ShadyPanda published a malicious extension for Edge and Chrome.

Not for Firefox based browsers.

... You... can't install an Edge or Chrome extension in a Firefox based browser.

You have to make a different version, designed for Firefox, sorta like a port of a video game; a DreamCast won't play a PlayStation disc, an N64 won't run a GameBoy cartridge.

[–] Nighed@feddit.uk 1 points 2 weeks ago (1 children)

It's not that it can't be done then, most likely no one has checked.

Buying out solo deved apps to host malware has been a thing for ages.

[–] sp3ctr4l@lemmy.dbzer0.com 1 points 2 weeks ago (1 children)

Yep, you could theoretically do a similar sleeper malware as extension for Firefox based browsers.

But that is not what this article is about.

No where in this article is anything about a Firefox based browser mentioned.

So, again, go back your original comment on my comment.

You tried to put a bunch of words in my mouth, now you're trying to argue hypotheticals based on conjecture.

Are you trying to make some kind of point?

Or just waste the time of anyone bothering to read this?

[–] Nighed@feddit.uk 1 points 2 weeks ago

My point was basically that this can happen to you too, and if it couldn't, people would complain anyway.

No need to call people morons over it.

[–] I_Has_A_Hat@lemmy.world 6 points 2 weeks ago* (last edited 2 weeks ago)

Clean Master

WeTab

Infinity V+

Those are the extensions mentioned in the article, but they also say there were others, but decided not to name those because CERTAINLY NO ONE WOULD POSSIBLY WANT TO KNOW WHICH EXTENSIONS MIGHT BE AFFECTING THEM, RIGHT?! NO SIR, THATS NOT IMPORTANT INFORMATION AT ALL!

[–] AntiBullyRanger@ani.social -5 points 2 weeks ago (2 children)

Fuᚦr details.

[–] Cyber@feddit.uk 10 points 2 weeks ago (3 children)

Thanks. Not sure why you're getting downvoted for linking to the source with the actual IOCs...

[–] shalafi@lemmy.world 8 points 2 weeks ago (3 children)

Same reason lemmy downvotes Sxan for using a thorn.

Lemmy: We support diversity! The weirder you are the better! We accept all people!

Also lemmy: Fuck your thorns.

[–] pulsewidth@lemmy.world 6 points 2 weeks ago (1 children)

People would also downvote if comments were being posted in latin or mandarin on an English language comminity: its unreadable to most of the participants and thereby negatively contributory to the discussion.

[–] prettybunnys@piefed.social 3 points 2 weeks ago

We downvote that dude for their obvious attention seeking behavior.

[–] MonkderVierte@lemmy.zip 2 points 2 weeks ago* (last edited 2 weeks ago)

Understandable, since introducing foreign elements into a communication protocol makes it harder to parse.

Same for the gendern movement in german media btw. It doesn't make the language more inclusive, but inclusivity more hated, by mixing it with something inconvenient.

[–] kbobabob@lemmy.dbzer0.com 3 points 2 weeks ago

They are getting downvoted for making things harder for HUMANS to read. It's been proven over and over that it does nothing to stop AI.

[–] Damage@feddit.it 9 points 2 weeks ago

It's spreading. And evolving!