news 
New Google Chrome Attacks Bypass More Than Just 2FA—Millions At Risk
In a stunning revelation, a cybersecurity expert has uncovered a new attack vector that bypasses more than just two-factor authentication (2FA) protections in the Google Chrome browser. The alarming discovery highlights millions of users who are now at risk of falling prey to malicious and potentially dangerous extensions.
According to Davey Winder, a veteran cybersecurity writer, hacker, and analyst, hackers have developed an ingenious method to manipulate Google’s search protections and push their dodgy Chrome extensions to the top of search results. This is done by using translation techniques to create multiple variations of extension names, descriptions, and keywords in different languages.
The expert, Palant, found numerous examples of this manipulation, which he described as a “pick-and-mix attack methodology.” In an interview, Palant revealed that hackers are employing various tactics to evade detection. These tactics include:
1. Using slight variations of their original name depending on the language used.
2. Creating different short descriptions depending upon the language being used.
3. Renaming themselves after competitors in a different language, despite violating Google’s rules.
4. Incorporating “a massive wall of text” and lengthy English passages to take advantage of messy translation management in the Chrome Web Store.
5. Hiding keywords within extension descriptions by using slight variations or automated translations with English keywords.
The implications of these manipulations are far-reaching, as they allow malicious actors to evade detection by Google’s search algorithms. “Many extensions will use slight variations of their original name depending on the language,” Palant emphasized.
Palant has recommended that Google take immediate action to address this vulnerability. He suggested that the company employ existing rules in the Chrome Web Store abuse policy and push back against these manipulation methods.
Furthermore, he proposed a technical solution by making the Chrome Web Store search index per language, which would remove the incentives for hackers to engage in such manipulation tactics. “If search results for Bengali no longer show up in English-language searches, there is no point messing up the Bengali translation anymore,” Palant explained.
As a result of this discovery, millions of Google Chrome users are now at risk of installing malicious extensions without their knowledge. It is essential that users take immediate action to protect themselves from these attacks.
To mitigate this risk, it is crucial for Google to address these manipulation methods and implement the recommended technical solutions.
Source: www.forbes.com
