Malicious extensions stealing cookies
-
I just wondered if there is something that could be done in Vivaldi to prevent this? Would be nice if Vivaldi had a feature to block this stuff. I'm actually shocked to read that extensions have got this ability, seems like a major design error in Chromium.
https://cointelegraph.com/news/hackers-steal-millions-chrome-plugin-binance-scam
-
ZZalex108 moved this topic from Vivaldi for Windows on -
Extensions can do a lot of things, so download extensions from a trusted source, in this case Chromium makes use of the Google WebStore.
If you search the extension in webstore you won't found it.
Download extensions from 3rd parties... it depends on how much you trust them. Exactly same if you download apps/programs from BlackMarket or else "places"
"With a great power comes great responsibility"
Ancle Ben, Spiderman -
@RasheedHolland said in Malicious extensions stealing cookies:
I just wondered if there is something that could be done in Vivaldi to prevent this?
Yeah, it's called Manifest v3
-
I do not understand why users deal with financial data and run extensions.
Never ever is a extension trustable. -
Manifest tells what a extension is allowed to do:
https://developer.chrome.com/docs/extensions/reference/api/cookies?hl=en#permissions -
The promotional plugin steals cookies from users, which hackers use to bypass password and two-factor authentication (2FA) verification and log into the victim’s Binance account.
– https://cointelegraph.com/news/hackers-steal-millions-chrome-plugin-binance-scamThen, for Binance 2FA not needed to run transactions or login, that could be a authorisation fail on Binance's site/API.
B. spokes: "Blah… Blah… Blah… we immediately implemented additional security measures, Blah… ”
Me: "You jerks should have done more testing by users and pentesting before publishing your 2FA API!!11!111!1!"
-
So all is like Bobby Tables said: "Look, Ma! Bank robbery is so easy now. No need to have a car and a weapon, only dumb coin traders trusting everything they click on."
-
FYI: Most extensions which have access to cookies and more do let the browser tell they have access to the website data. No special warnings that cookies could be get stolen.
That is not a problem of Chromium or Vivaldi, Mozilla does not inform very much, too. -
-
@Pathduck said in Malicious extensions stealing cookies:
@RasheedHolland said in Malicious extensions stealing cookies:
I just wondered if there is something that could be done in Vivaldi to prevent this?
Yeah, it's called Manifest v3
How do you know that MV3 will stop this cookie-stealing feature?
-
@DoctorG said in Malicious extensions stealing cookies:
Then, for Binance 2FA not needed to run transactions or login, that could be a authorisation fail on Binance's site/API.
You are misunderstanding. If malicious extensions (or malware) can steal cookies, it allows them to bypass 2FA, even hardware security keys.
@DoctorG said in Malicious extensions stealing cookies:
FYI: Most extensions which have access to cookies and more do let the browser tell they have access to the website data. No special warnings that cookies could be get stolen. That is not a problem of Chromium or Vivaldi, Mozilla does not inform very much, too.
Well that's the problem, it's a major design error in Firefox and Chromium based browsers. They have build a sandbox to protect against zero day ''drive by'' attacks, which will trap malware in the sandbox, but extensions (malicious or not) can just about do whatever they want. How dumb are these developers? Obviously, extensions should also run in a sandbox, and should not be allowed to access all files in the browser profile.
-
@Pathduck said in Malicious extensions stealing cookies:
@RasheedHolland said in Malicious extensions stealing cookies:
I just wondered if there is something that could be done in Vivaldi to prevent this?
Yeah, it's called Manifest v3
I have read a bit more about MV3, but I don't believe it will block malware from stealing cookies. It might however prevent malicious extensions from doing so, see first link. However, I have always wondered why browsers didn't add protection against infostealers, and seems like Chrome is finally doing this, see second link for more info. I guess this will also end up in Vivaldi.
https://chrome-stats.com/manifest-v3-migration
https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/ -
Also, another thing what I don't understand is how browsers still can not block malicious extensions from automatically loading, this is crazy.
-
Seems like Chrome once again proves that it's spyware. But I just wondered if this is also a problem in Vivaldi, since it's baked into Chromium?
https://borncity.com/win/2024/07/13/user-identification-via-chromium-browser-chrome-edge-brave/
-
@RasheedHolland
read the german version of the article. it's updated with the official answer from vivaldi
(tl,dr: you can disable it in the settings) -
@derDay said in Malicious extensions stealing cookies:
@RasheedHolland
read the german version of the article. it's updated with the official answer from vivaldi
(tl,dr: you can disable it in the settings)OK cool, good to know that it was possible to disable this in Vivaldi the whole time. I always disable this stuff, but I can't remember since what version Vivaldi gives this option.
