Researcher warns that 'zombie browsers' are skyrocketing

By Ellen Messmer

October 31, 2012 02:46 PM ET

Network World - MIAMI -- Some Web browsers can be tricked into using so-called malicious extensions that can give hackers the ability to hijack the user's session, spy on webcams, upload and download files, and in the newer mobile-device area, hack into Google Android phones.

Zoltan Balazs, IT security consultant at Deloitte Hungary, spoke about the topic he calls "zombie browsers" during this week's Hacker Halted Conference in Miami. He said up until a year ago, only 10 of these browser malicious extensions were known to exist, but this year has seen 49 new ones already. "It's skyrocketing," Balazs noted, and he faulted the antivirus vendors for allegedly not addressing the issue at all.

Researcher shares blow-by-blow account of advanced persistent threat

"Even after two years, none of the antivirus vendors detect these," he said, saying he's issuing a plea for them "to try harder on detecting malicious extensions."

In his talk, Balazs explained how malicious extensions in Firefox, Chrome and Safari have been created by attackers that try to get them added to the user's browser through Web-based drive-by downloads or infected attachments. The result might be giving the attacker a way to steal data or spy on you, he said.

In terms of advice to companies concerned their user base might fall victim to this, he said setting controls on applications can help, plus in Chrome it's possible to control the extensions the user can use.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

Comments ()

Originally published on www.networkworld.com. Click here to read the original story.

Today's Top Stories

Additional Resources

WHITE PAPER

How Cloud Communications Reduce Costs and Increase Productivity

Small and midsize businesses are moving to the cloud to host their communications capabilities. Learn how enterprise-quality phone benefits, online management, conferencing, auto attendant, and ease of use are built into a system that is half the cost of a PBX.

Read now.

Free Insider Guide

IT Certification Study Tips: Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.

Desktop Apps Resources

Streamlining Information Workflows In order to streamline your workflows effectively, you will need to properly align your file transfer solution with your business requirements.
Streamlining Information Workflows In order to streamline your workflows effectively, you will need to properly align your file transfer solution with your business requirements.
Streamlining Information Workflows In order to streamline your workflows effectively, you will need to properly align your file transfer solution with your business requirements.
Securing Internet File Transfers This solution brief describes the four essential elements of secure Internet transfers.

Bridging HTTP and FTP with FileXpress Internet Server What if you could take an FTP server on your internal network, and allow external users (partners or customers) to securely access it...
MFT and FileXpress - An Overview Business users and applications exchange files on a regular basis. File transfer is a core part of the flow of business activity.

All Desktop Apps White Papers

Webcasts

New newsletter: Consumerization of IT

Our weekly newsletter will cover a wide range of topics and trends related to consumerization. Stay up to date with news, reviews and in-depth coverage of BYOD, smartphones, tablets, MDM, cloud, social and how consumerization affects IT. Subscribe now!

IT Jobs

See All Jobs Post a job for $295

Jobs by SimplyHired

Desktop Apps White Papers | All Desktop Apps White Papers