User agent strings in Chrome will be replaced with a new mechanism called Client Hints
https://www.zdnet.com/article/google-to-phase-out-user-agent-strings-in-chrome
https://groups.google.com/a/chromium.org/forum/m/#!msg/blink-dev/-2JIRNMWJ7s/yHe4tQNLCgAJ
Comments
https://news.ycombinator.com/item?id=22044057
#ua #useragent #chrome #tracking
https://www.zdnet.com/article/google-to-phase-out-user-agent-strings-in-chrome
https://groups.google.com/a/chromium.org/forum/m/#!msg/blink-dev/-2JIRNMWJ7s/yHe4tQNLCgAJ
Comments
https://news.ycombinator.com/item?id=22044057
#ua #useragent #chrome #tracking
ZDNet
Google to phase out user-agent strings in Chrome
Chrome will move to a new technology called Client Hints, part of the newer Privacy Sandbox project.
Forwarded from BlackBox (Security) Archiv
49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets β mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. Weβve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
ππΌ Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets β mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. Weβve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
ππΌ Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv