Home / Technology / Russian Hackers Sell Chrome Store Bypass
Russian Hackers Sell Chrome Store Bypass
27 Jan
Summary
- Russian hackers offer a service to bypass Chrome Store moderation.
- Malicious add-ons use full-screen iframes to steal credentials.
- Enterprises advised to use strict allowlisting for protection.
Russian cybercriminals are actively selling a service that enables the distribution of malicious Google Chrome extensions by circumventing the official store's moderation process. This service, offered by an actor known as 'Stenli,' promises to get harmful add-ons accepted into the Chrome Web Store for a price ranging from $2,000 to $6,000.
These malicious extensions function by overlaying legitimate websites with deceptive, full-screen iframes. While the browser's address bar remains unchanged, the visible content is a fake interface designed to harvest sensitive login credentials or facilitate fraudulent transactions. The add-ons can also send convincing push notifications, further deceiving users.
Security researchers at Varonis highlight that traditional advice to only install extensions from reputable sources is insufficient against this threat. For businesses, Varonis suggests implementing strict allowlisting policies, which permit only pre-approved extensions. Consumers are advised to regularly review their installed extensions, remove unused ones, and scrutinize permission requests, particularly those seeking access to all websites.
