Abusing Chrome Extensions to Form a Bot Netl by Tomer Cohen
Browser extensions have significantly improved the way we experience the web today. However, while the extension stores offer great opportunities for both developers and users, they are also used by attackers to distribute malicious extensions, specifically "bot extensions," which are extensions that allow them to remotely control the victim's browser.
Once infected, a user's browser becomes a bot in a huge bot net, which is later used by attackers to run DDoS attacks, send spam and more. During the past year, we have identified many such infection campaigns. Attackers are consistently trying to distribute their malicious extensions, and they do it by abusing popular web and social media platforms - including Facebook, Google and many more.
In this talk, Tomer will elaborate about the nature of these infection campaigns, how they work and the big advantages in running them with browser extensions.