{"id":17779,"date":"2018-05-07T21:00:48","date_gmt":"2018-05-08T01:00:48","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=17779"},"modified":"2022-04-27T15:22:07","modified_gmt":"2022-04-27T19:22:07","slug":"dfndr-lab-uncovers-potentially-malicious-google-chrome-scam","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","title":{"rendered":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam"},"content":{"rendered":"

Hackers never seem to rest; luckily for you, neither does the security team at <\/span>dfndr lab<\/span><\/a>. Recently, our team discovered a new technical loophole within Google Chrome that may lead to unauthorized use of your device. The latest scam takes advantage of the popular web browser\u2019s notification system; drowning users in permission requests until they give in out of pure exhaustion. How does such a scam work, and how does it aim to hijack your Android device with malware?<\/span><\/p>\n

A Dangerous Loophole in Chrome
\n<\/b>When a website wishes to deliver notifications to your device from within Google Chrome, a small popup will appear on your screen. From here, users can either select to \u2018Allow\u2019 or \u2018Block\u2019 the website from displaying such content. Chrome is now supposed to log your decision and prevent the site from asking you again, but there\u2019s a problem – clever web programming has found a way around this system.<\/span><\/p>\n

\"\"<\/a>
<\/center><\/center>
\nRead More:<\/b>How Safe is Google Chrome for Your Android<\/b><\/a><\/p>\n

One method of fighting against this type of scam is to use dfndr security on your Android device. dfndr security offers a full virus scan and an advanced anti-hacking feature; these include scanning your device from top to bottom for malware, while also preventing dubious websites from touching your device by blocking malicious links. In a short period, the dfndr lab team has detected and blocked over 10,000 attempts of the Chrome-based scam.<\/span><\/p>\n

\"\"<\/a><\/center>
<\/center>
<\/center>
\nInner Workings of the Google Chrome Scam
\n<\/b>The clever loophole behind the scam takes advantage of the fact that Chrome blocks a website from asking for permissions based on the primary domain, but not the subdomain. A subdomain is the part of a web address that proceeds the primary. For example, if you were to access, \u2018www.login.yourbank.com<\/em>,\u2019 the \u2018yourbank<\/strong>\u2019 part of the address is the primary domain, and the \u2018login<\/strong>\u2019 part of the address is the subdomain.<\/span><\/p>\n

Due to this flaw, if a website wants to ask for repeated permissions continuously, the site programmer can merely swap between multiple subdomains until the user chooses to allow consent. Research at dfndr lab has shown this practice of websites using a slew of subdomains is an\u00a0attempt to force an individual into accepting.<\/span><\/p>\n

\"\"<\/a>
<\/center><\/center>
<\/center>
<\/center>But, how does this practice lead to your device becoming infected with malware and eventually hijacked? Once a malicious website displays notifications on your device, it can then attempt to showcase content that you think comes from your operating system. You might see what appears to be a valid prompt for an update, unknowingly tap on it, and download malware that could take over your device.<\/span><\/p>\n

Staying Protected Against the Attack
\n<\/b>Besides <\/span>downloading an antivirus solution<\/span> for your device, if you still stumble upon the scam, your best bet is to try and close out the webpage, so that it can no longer ask for permission requests. Do not give in to hitting \u2018allow\u2019 out of pure frustration, once you\u2019ve done that, hackers are one step closer to infiltrating your Android.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Our security team has discovered a new technique used by hackers to hijack your phone with malware.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4451],"tags":[301,195,106,259,182,545],"class_list":["post-17779","post","type-post","status-publish","format-standard","hentry","category-dfndr-company-news","tag-app2","tag-app5","tag-google","tag-hackers","tag-malware","tag-safety"],"yoast_head":"\ndfndr lab Uncovers Potentially Malicious Google Chrome Scam<\/title>\n<meta name=\"description\" content=\"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"dfndr lab Uncovers Potentially Malicious Google Chrome Scam\" \/>\n<meta property=\"og:description\" content=\"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/\" \/>\n<meta property=\"og:site_name\" content=\"PSafe Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-08T01:00:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-27T19:22:07+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png\" \/>\n<meta name=\"author\" content=\"PSafe Newsroom\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/\"},\"author\":{\"name\":\"PSafe Newsroom\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"headline\":\"dfndr lab Uncovers Potentially Malicious Google Chrome Scam\",\"datePublished\":\"2018-05-08T01:00:48+00:00\",\"dateModified\":\"2022-04-27T19:22:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/\"},\"wordCount\":511,\"image\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/cdn.blog.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/Screen-Shot-2018-04-12-at-4.35.05-PM.png\",\"keywords\":[\"app2\",\"app5\",\"google\",\"hackers\",\"malware\",\"safety\"],\"articleSection\":[\"dfndr News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/\",\"name\":\"dfndr lab Uncovers Potentially Malicious Google Chrome Scam\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/cdn.blog.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/Screen-Shot-2018-04-12-at-4.35.05-PM.png\",\"datePublished\":\"2018-05-08T01:00:48+00:00\",\"dateModified\":\"2022-04-27T19:22:07+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"description\":\"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#primaryimage\",\"url\":\"http:\\\/\\\/cdn.blog.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/Screen-Shot-2018-04-12-at-4.35.05-PM.png\",\"contentUrl\":\"http:\\\/\\\/cdn.blog.psafe.com\\\/en\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/Screen-Shot-2018-04-12-at-4.35.05-PM.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"dfndr lab Uncovers Potentially Malicious Google Chrome Scam\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\",\"name\":\"PSafe Blog\",\"description\":\"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\",\"name\":\"PSafe Newsroom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"caption\":\"PSafe Newsroom\"},\"description\":\"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/author\\\/newsroom-psafe\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam","description":"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","og_locale":"en_US","og_type":"article","og_title":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam","og_description":"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.","og_url":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","og_site_name":"PSafe Blog","article_published_time":"2018-05-08T01:00:48+00:00","article_modified_time":"2022-04-27T19:22:07+00:00","og_image":[{"url":"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png","type":"","width":"","height":""}],"author":"PSafe Newsroom","twitter_misc":{"Written by":false,"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#article","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/"},"author":{"name":"PSafe Newsroom","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"headline":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam","datePublished":"2018-05-08T01:00:48+00:00","dateModified":"2022-04-27T19:22:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/"},"wordCount":511,"image":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#primaryimage"},"thumbnailUrl":"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png","keywords":["app2","app5","google","hackers","malware","safety"],"articleSection":["dfndr News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","url":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","name":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#primaryimage"},"image":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#primaryimage"},"thumbnailUrl":"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png","datePublished":"2018-05-08T01:00:48+00:00","dateModified":"2022-04-27T19:22:07+00:00","author":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"description":"A Google Chrome scam is being wielded by hackers that could quickly lead to your device being hijacked with malware.","breadcrumb":{"@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#primaryimage","url":"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png","contentUrl":"http:\/\/cdn.blog.psafe.com\/en\/blog\/wp-content\/uploads\/2018\/04\/Screen-Shot-2018-04-12-at-4.35.05-PM.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.psafe.com\/en\/blog\/"},{"@type":"ListItem","position":2,"name":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam"}]},{"@type":"WebSite","@id":"https:\/\/www.psafe.com\/en\/blog\/#website","url":"https:\/\/www.psafe.com\/en\/blog\/","name":"PSafe Blog","description":"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.psafe.com\/en\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d","name":"PSafe Newsroom","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","caption":"PSafe Newsroom"},"description":"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.","url":"https:\/\/www.psafe.com\/en\/blog\/author\/newsroom-psafe\/"}]}},"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=17779"}],"version-history":[{"count":16,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779\/revisions"}],"predecessor-version":[{"id":18238,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779\/revisions\/18238"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=17779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=17779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=17779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}