Forcepoint

Researcher discovered that Chrome Sync function can be used to steal data

Croatian researcher Bojan Zdrnja discovered a malicious Chrome extension abusing Chrome Sync. f you do not use Chrome, let me remind you that this function is applied to synchronize data between different user’s devices, and stores copies of all user bookmarks, browsing history, passwords, as well as browser settings and browser extensions on Google cloud servers. However, as it turned out, synchronization can be used to send commands to infected browsers, as well as steal data from infected systems, bypassing firewalls and other means of protection. Zdrnya writes that in the course of the incident he studied, the attacker gained access to the victim’s computer, but was unable to steal the data, since it was inside the employee portal. Then …

Researcher discovered that Chrome Sync function can be used to steal data Read More »

Chrome Sync function

For eight years, the Cereals botnet existed for only one purpose: it downloaded anime

The Cereals IoT botnet appeared in 2012, and reached its peak in 2015, when there were about 10,000 infected devices. All these eight years, the Cereals botnet only downloaded anime for its creator. ll this time, Cereals exploited only one vulnerability and attacked D-Link’s NAS and NVR, combining them into a botnet. For many years, the botnet has eluded the attention of information security professionals, and now it has almost ceased to exist. “The fact is that the vulnerable D-Link devices on which Cereals parasitized began to become obsolete and out of order, that is, they are becoming smaller and smaller. In addition, the ransomware Cr1ptT0r accelerated the decay of the botnet, which destroyed the competing malware on infected devices …

For eight years, the Cereals botnet existed for only one purpose: it downloaded anime Read More »

Botnet Cereals downloaded anime
Scroll to Top