Home Cyber Attack CursedChrome Extension Turns Chrome Browser Into A Proxy Bot
Cyber AttackHacking NewsLatest Cyber Security News | Network Security HackingNews

CursedChrome Extension Turns Chrome Browser Into A Proxy Bot

by Abeerah Hashim
written by Abeerah Hashim
Emotet malware target Chrome browser

A researcher has released a Chrome extension dubbed as ‘CursedChrome’ that can turn the Chrome browser into a hacker’s proxy bot. Though, there is another tool to avoid active attacks through such extensions.

CursedChrome Extension Takes Over Chrome

Reportedly, a security researcher Matthew Bryant has developed a tool that can hack the Chrome browser. The tool ‘CursedChrome’ is actually a browser add-on for Chrome that can turn the browser into a proxy bot.

As explained by the researcher,

A (cursed) Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies. By using the proxies this tool creates you can browse the web authenticated as your victim for all of their websites.

In brief, CursedChrome appears as a simple browser extension. But it has two different components to work. One works on the client-side, that is where the victim installs the tool considering it an extension. And the other is at the hacker’s end, from where he can manage all the bots. The two components communicate over a WebSocket connection that works as HTTP reverse proxy.

The attack begins after a few victims install CursedChrome extension. The hacker can then log in to the tool’s control panel at his end to manage all infected browsers.

cursedchrome extension web panel

Source: Matthew Bryant

He would know of all the infected browsers online status, and can then execute various activities. These include hijacking active logged-in sessions, navigating through the hijacked browsers, and access restricted sites and apps.

The following diagram depicts how the attack works. Whereas more details are available at GitHub where the tool is present as open-source.

CursedChrome extension attack

Source: Matthew Bryant

We Have A Fix Though – Chrome Galvanizer

Following the tool’s release, ZDNet reports that the cybersecurity community hasn’t welcomed this tool. They fear that such an aggressive tool might facilitate criminal hackers in executing malicious activities.

However, Bryant clearly describes this tool as useful for professional red teams.

Moreover, he has also developed another tool to prevent attacks by such extensions – the Chrome Galvanizer – also available on GitHub. As described,

Chrome Galvanizer is a tool to generate Chrome enterprise policies to help users harden their browser security…
This protects from hijacked extensions with backdoored updates and against extensions that have been exploited due to a security vulnerability in their code.

Bryant claims that Chrome Galvanizer can be the tool for blue teams.

The hosted version of Chrome Galvanizer is also available for swift installation.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses