07.04.2025 13:19:00
Дата публикации
A study by SquareX warns that browsers are becoming a new battleground for ransomware threats, allowing attackers to bypass traditional security measures. Previously, such attacks required direct access to the victim's device.
Nowadays, people are less likely to download anything onto their devices, preferring cloud services like Google Drive.
Hackers are adapting to this trend by creating tools that operate exclusively in the web environment.
Browser-based ransomware utilizes simplified authorization mechanisms in services, malicious extensions, and phishing, often bypassing antivirus protection.
The first attack scenario involves masquerading as a legitimate application, allowing access to the victim's Google Drive and demanding ransom.
In the second case, hackers gain access to corporate email through phishing campaigns, identify the services used by the company, and hijack account control.
The third scenario is related to vulnerabilities in browser synchronization. An extension authorizes the attacker in the victim's system, after which the attacker gains access to saved passwords and data.
The problem is exacerbated by the fact that corporate security systems rarely control the installation of extensions, authorizations in multiple services, and actions within the browser.
Moreover, browser attacks have the potential for horizontal spread. One compromised user can put the entire corporate archive at risk. There have been numerous such incidents in recent years.
Companies are advised to reconsider their cybersecurity strategies, taking into account new threats in the online environment.
(the text translation was done automatically)
