Originally we wanted this month’s article to be about Virtual Private Networks, but we’re pushing that over to next month because there’s a new kind of security threat that you should know about.
There are security holes being exploited that don’t always require you to be tricked into accepting anything. No link in an email, no popup from a website, no hint or sign that things have gone wrong, just your machine being compromised.
What is happening and how to avoid it?
Buyouts and repurposing are the easiest to explain and the hardest to defend against: a simple way to turn your third-party browser extensions against you. The company that makes your favorite application or browser extension is bought out. The new owners push through an update that installs spyware on your computer. You get no notification and have no idea it is happening, because the update uses the permissions you have already granted.
To combat this, turn off automatic updates and check on functionality before installing new versions, while keeping abreast of changes in company ownership. If you stick with verified programs and extensions and keep up with the news about the extra browser functions you are using, it probably won’t happen to you.
Another threat in your Chrome browser is ‘morphing extensions.’ In short, these are minor browser extensions that you might want to install (a shopping tracker or fun icons) that then mimic the icon and actions of another, more functional browser extension (think Grammarly or 1Password) to steal your login data, and from there the rest of the information in that account. If you are asked to log in again or reset computer access permission, beware. The best defense against this is to check which browser extensions you’re giving permissions over other extensions to, paired with regularly getting rid of extensions you don’t use. For a video showcasing this Polymorphic Browser Extension, watch “this browser hack can steal anything” by Matt Johansen.
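One way to carry out that permission check, as an added example that is not from the original article: this Python script reads the manifest.json of each installed extension and lists the ones asking for the `management` permission (control over other extensions) or for access to every website. It assumes the usual Chrome layout of `Extensions/<extension id>/<version>/manifest.json`; the two sample extensions in it are constructed for a dry run.

```python
import json
import sys
import tempfile
from pathlib import Path

# "management" lets an extension list, disable or enable other extensions;
# the host patterns grant read/change access to every site you visit.
RISKY = {"management", "<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_extensions(ext_root):
    """Map extension id -> risky permissions from <root>/<id>/<version>/manifest.json."""
    findings = {}
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        if not isinstance(data, dict):
            continue
        requested = set()
        for key in ("permissions", "optional_permissions", "host_permissions"):
            values = data.get(key)
            if isinstance(values, list):
                requested.update(p for p in values if isinstance(p, str))
        risky = requested & RISKY
        if risky:
            findings.setdefault(manifest.parent.parent.name, set()).update(risky)
    return {ext_id: sorted(perms) for ext_id, perms in findings.items()}

def build_sample_profile(root):
    """Write constructed manifests (not real extensions) for a dry run."""
    samples = {
        "sample-shopping-tracker": {"permissions": ["management", "storage"],
                                    "host_permissions": ["<all_urls>"]},
        "sample-fun-icons": {"permissions": ["storage"]},
    }
    for ext_id, manifest in samples.items():
        folder = Path(root) / ext_id / "1.0_0"
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")

if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to a Chrome profile's Extensions folder
        report = audit_extensions(sys.argv[1])
    else:  # no path given: dry run on the constructed sample
        with tempfile.TemporaryDirectory() as tmp:
            build_sample_profile(tmp)
            report = audit_extensions(tmp)
    for ext_id, perms in report.items():
        print(f"{ext_id}: {', '.join(perms)}")
```

An extension showing up in the list is not proof of anything bad; it is a prompt to ask whether that extension really needs that much access, and to remove it if you no longer use it.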
Last on our list of new near-zero-click malware paths is a recent development: embedding malware or other damaging data in DNS records. The exact mechanics involved are diverse, from injecting commands into any AI process on the computer visiting the website to downloading and assembling a bunch of DNS text records that actually contain the full code for a virus. These are both pretty difficult to defend against. For the first, turning off and/or deleting all AI assistants from your devices should be enough to stop it from ever having an effect. The second is much harder to avoid, and nearly impossible to notice. The only option that’s totally reliable is to avoid any website that you don’t trust entirely, and that isn’t always possible.
Some of these can be caught with antivirus scanners, but several of them can’t. These methods of stealing your data aren’t entirely new, but they’re newly practical for large-scale use. Why? Well, that’s down to a problem many people tend not to recognize.
Right now these types of hacks have mostly been found functioning through Chromium browsers and Android phones, though there isn’t much evidence against them being possible on others. And that’s the reason they’re becoming more prominent: with something like 70+% of all browser usage being on Chromium-based platforms (Microsoft Edge, Chrome, Opera, and many more), bad actors have a single thing to study and find all the exploits of.
Currently, if you’re using Firefox or Safari as your primary browser, you’re probably in the clear for a little bit longer, but it’s likely that Safari is going to be the next target of similar hackers just because it has the next highest market share at about 15%.
Overall these exploits aren’t yet fully mature, but neither are our defenses against them. The best defense remains simply not installing any apps and extensions you don’t need and deleting the ones you’re done using. It’s not perfect, but it should be good enough to keep you safe until better solutions have been developed.