They steal data with browser bookmarks
Two common and seemingly harmless features are favorites or bookmarks of the browser, which basically consists of saving a page to be able to access later, and the synchronization, which allows you to use the browser on multiple devices and to synchronize data. But now they have discovered that they can be exploited and that simply with browser bookmarks they could steal data.
How do they do that? For this they use fake browser extensions. They are add-ons that we can install to have certain additional functions, such as grouping tabs, having a download manager, etc. But of course, there are extensions that may have been created maliciously, with the sole purpose of scamming. Precisely these are the ones that would have the ability to exploit the browser’s favorites and steal user data.
But not only that, but they could also take advantage of the synchronization feature. An attacker, through a fraudulent extension, could connect and remotely manipulate data. A SANS Technology Institute student, David Prefer, created a PowerShell script to demonstrate that it is possible for data to be leaked through synced bookmarks.
For this test he used Chromium-based browsers, such as Google Chrome, Brave, Edge and Opera. He named this script Brugglemark. As indicated, it is necessary to have PowerShell 6.0 installed. However, it indicates that in this test it has achieved plain text files but it does not work with Word documents, although it ensures that it could be compatible with any format.
As you can see, there is a possibility that they use the bookmarks of browsers like Chrome to steal data. Hackers could create rogue plugins for the sole purpose of launching attacks.
What to do to avoid this problem
What can we do as users to avoid this type of attack that could steal personal data? It is important to use only safe extensions. We have seen that in these types of attacks a hypothetical cybercriminal could create a fake plugin for Chrome and other browsers. Therefore, always install extensions from official sites.
But also, it is appropriate periodically review those plugins that you have installed. It is important to see if they have been able to change and start to work maliciously. It is an important entry point for attackers and it is important to be prepared at all times and not have problems.
It’s also a good idea to have a good antivirus installed. If you accidentally download a fake browser, rogue extension, or any file that is actually malware, it can help you detect and remove it before it steals your data. There are many options to improve browser security.
On the other hand, one more tip to prevent your data from being stolen with the browser is to have it updated. Always keep the latest version available and thus avoid possible vulnerabilities that can be exploited.