'%3e%3cpath%20d='M248.027%20159.993C292.176%20159.993%20328.105%20124.1%20328.105%2079.996C328.105%2035.892%20292.191%200%20248.027%200C203.863%200%20167.95%2035.892%20167.95%2079.996C167.949%20124.101%20203.878%20159.993%20248.027%20159.993ZM213.969%2045.973C223.069%2036.882%20235.155%2031.873%20248.027%2031.873C260.899%2031.873%20272.986%2036.882%20282.086%2045.973C291.186%2055.064%20296.2%2067.154%20296.2%2079.997C296.2%2092.84%20291.186%20104.93%20282.086%20114.021C272.986%20123.112%20260.899%20128.12%20248.027%20128.12C235.155%20128.12%20223.069%20123.111%20213.969%20114.021C204.869%20104.93%20199.871%2092.84%20199.871%2079.997C199.871%2067.154%20204.884%2055.063%20213.969%2045.973Z'%20fill='%23EE4323'/%3e%3cpath%20d='M150.16%200L57.6821%20159.993H94.5381L187%200H150.16Z'%20fill='%23EE4323'/%3e%3cpath%20d='M92.478%200L0%20159.993H36.856L129.334%200H92.478Z'%20fill='%23EE4323'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_296_834'%3e%3crect%20width='328.105'%20height='159.993'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Attackers are doubling down on malicious browser extensions as their method of choice. Recent campaigns like ShadyPanda, ZoomStealer, GhostPoster, and the breaches impacting vendors like Cyberhaven and Trust Wallet, all highlight the threat posed by malicious extensions.
Most malicious extensions didn’t start that way. Attackers take over legitimate extensions and push malicious updates that steal data, intercept cookies and tokens, log keystrokes, and more. They bide their time for maximum impact, pulling the trigger at the right moment to infect millions of browsers at once.
But security safeguards implemented at the extension store level aren’t catching malicious updates. Attackers are using dynamically compiled, stealthily smuggled code that can’t be reliably spotted through static code checks or sandbox analysis.
Thankfully, with the right tools and approach, organizations can take practical steps to bring the risk posed by malicious extension attacks to virtually zero.
Join Push Security Field CTO Mark Orlando for a teardown of malicious browser extension functionality. You’ll learn:
This webinar is now available on demand.
