{"id":17779,"date":"2018-05-07T21:00:48","date_gmt":"2018-05-08T01:00:48","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=17779"},"modified":"2022-04-27T15:22:07","modified_gmt":"2022-04-27T19:22:07","slug":"dfndr-lab-uncovers-potentially-malicious-google-chrome-scam","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/dfndr-lab-uncovers-potentially-malicious-google-chrome-scam\/","title":{"rendered":"dfndr lab Uncovers Potentially Malicious Google Chrome Scam"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Hackers never seem to rest; luckily for you, neither does the security team at <\/span><a href=\"https:\/\/lab.dfndrsecurity.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">dfndr lab<\/span><\/a><span style=\"font-weight: 400;\">. Recently, our team discovered a new technical loophole within Google Chrome that may lead to unauthorized use of your device. The latest scam takes advantage of the popular web browser\u2019s notification system, drowning users in permission requests until they give in out of pure exhaustion. How does such a scam work, and how does it aim to hijack your Android device with malware?<\/span><\/p>\n<p><b>A Dangerous Loophole in Chrome<br \/>\n<\/b><span style=\"font-weight: 400;\">When a website wishes to deliver notifications to your device from within Google Chrome, a small popup will appear on your screen. From here, users can choose either \u2018Allow\u2019 or \u2018Block\u2019 to decide whether the website may display such content. 
Chrome is now supposed to log your decision and prevent the site from asking you again, but there\u2019s a problem &#8211; clever web programming has found a way around this system.<\/span><\/p>\n<p><b><br \/>\nRead More:<\/b><a href=\"https:\/\/www.psafe.com\/en\/blog\/safe-google-chrome-android\/\"><b>How Safe is Google Chrome for Your Android<\/b><\/a><\/p>\n<p><span style=\"font-weight: 400;\">One method of fighting against this type of scam is to use dfndr security on your Android device. dfndr security offers a full virus scan and an advanced anti-hacking feature; these include scanning your device from top to bottom for malware, while also preventing dubious websites from touching your device by blocking malicious links. 
In a short period, the dfndr lab team has detected and blocked over 10,000 attempts of the Chrome-based scam.<\/span><\/p>\n<p><b><br \/>\nInner Workings of the Google Chrome Scam<br \/>\n<\/b><span style=\"font-weight: 400;\">The clever loophole behind the scam takes advantage of the fact that Chrome blocks a website from asking for permissions based on the primary domain, but not the subdomain. A subdomain is the part of a web address that precedes the primary domain. For example, if you were to access \u2018<em>www.login.yourbank.com<\/em>,\u2019 the \u2018<strong>yourbank<\/strong>\u2019 part of the address is the primary domain, and the \u2018<strong>login<\/strong>\u2019 part of the address is the subdomain.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Due to this flaw, if a website wants to keep asking for permission, the site\u2019s programmer can simply switch between multiple subdomains until the user gives consent. 
Research at dfndr lab has shown that websites use a slew of subdomains in an\u00a0attempt to force an individual into accepting.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But how does this practice lead to your device becoming infected with malware and eventually hijacked? Once a malicious website displays notifications on your device, it can then attempt to display content that appears to come from your operating system. You might see what appears to be a valid prompt for an update, unknowingly tap on it, and download malware that could take over your device.<\/span><\/p>\n<p><b>Staying Protected Against the Attack<br \/>\n<\/b><span style=\"font-weight: 400;\">Besides <\/span><span style=\"font-weight: 400;\">downloading an antivirus solution<\/span><span style=\"font-weight: 400;\"> for your device, if you still stumble upon the scam, your best bet is to close the webpage so that it can no longer request permission. 
Do not give in and hit \u2018allow\u2019 out of pure frustration; once you\u2019ve done that, hackers are one step closer to infiltrating your Android.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our security team has discovered a new technique used by hackers to hijack your phone with malware.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[4451],"tags":[301,195,106,259,182,545],"class_list":["post-17779","post","type-post","status-publish","format-standard","hentry","category-dfndr-company-news","tag-app2","tag-app5","tag-google","tag-hackers","tag-malware","tag-safety"],"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=17779"}],"version-history":[{"count":16,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779\/revisions"}],"predecessor-version":[{"id":18238,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17779\/revisions\/18238"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=17779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=17779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=17779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}