Monday, 12 August 2013

Hackers use bogus Chrome, Firefox extensions to pilfer social media accounts


Hacking cases are increasing day by day. There are several tricks played by hackers to steal your personal information online.

Attackers’ plant links to fool visitors on social media sites. On clicking such links, users are forced to install a video player update. This is the common way by which hackers attract people to download malicious software. This video player update contains cryptographic signature which is used to verify that the application is from a certain developer and has not been modified.

Most of the times, hackers steal legitimate digital certificates from other developers so as to make their malware look less suspicious. In case, this video update is executed then the malware installs a fake Firefox or Chrome extension depending on which browser the victim uses.

The malicious plugins appear legitimate with the names Chrome Service Pack 5.0.0 and the Mozilla Service Pack 5.0. Now, Google is blocking the extension which uses its name. Other than this, you can
find another variation of the extension like F-Secure Security Pack 6.1.0 which is a bogus product from the Finnish security vendor.

These plugins connect to another website as well as download a configuration file. This enables them to steal the login information from a victim’s social networking accounts such as Facebook, Google+ and Twitter. After this, attackers can perform variety of functions including like pages, share posts, update statuses and post comments.
Therefore, be careful regarding these hackers and stay safe online. For more from the XpertCrewTM team, please follow us on Twitter @Techvedic or contact Techvedic’s computer support helpdesk, as per below contact-details:

U.S. +855-859-0057 (  )
U.K. +800-635-0716 ( )
CA  1-855-749-5861 ( )
AU  1-800-197-298  ( )
We would be more than happy to help you. We are available 24/7.


Post a Comment