HACKERS USING FAKE ‘FLASH PLAYER’ GOOGLE CHROME EXTENSION TO STEAL CREDIT CARD DATA

SOURCE: RT

Cybersecurity researchers are warning unsuspecting internet users about a year-old Chrome extension which steals credit card data from infected users via web forms on visited websites.

The surreptitious extension is spread by means of JavaScript injection attacks i.e. “You don’t have Flash installed, use this Chrome extension instead,” or something to that effect. When unsuspecting or careless users click on these links, it triggers an automated redirect to the malicious extension.

The extension, available since February 2018, exploits the API (Application Programming Interface) functionality on websites by interrupting the digital handshake exchanged between user and website when a HTTP request is made, like clicking a link or submitting a form. It cannot be found through a regular search and instead is only proliferated through the sharing of a link.

The extension, created by fbsgang.info, proclaims itself to be a ‘Flash Reader’ and embeds a function in each and every website visited by the targeted user.

Whenever it detects credit number patterns specific to Visa, Mastercard, American Express, and Discovery card formats being inputted into a web form, it automatically relays them to the attacker via an AJAX request (essentially, a message that communicates directly with the server without interrupting the display or normal behavior of the active webpage).

Stolen information includes card issuer names, expiration dates, and CVV/CVC codes.

The good news is that the infection is not widespread, as only 400 installations have been detected, meaning its reach is limited.

Google was alerted by Cybersecurity firm ElevenPaths early last year, but the offending extension still existed in the Web Store in some form until recently. The server used by whoever is behind the malicious extension is currently down, but this may be a temporary measure while the group is under scrutiny or while they prepare another server to which they can redirect unsuspecting users.

It may also be a precursor for a much larger operation.

RT.com has contacted Google for comment.

SHARE THIS ARTICLE...

Views: 28

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

Latest Activity

Old Denmark posted videos
28 minutes ago
Thomas Less posted a blog post

Daily Verse

We give thanks to you, O God, we give thanks, for your Name is near; men tell of your wonderful deeds. — Psalm 75:1See More
28 minutes ago
Deep Space posted videos
2 hours ago
Central Scrutinizer posted blog posts
3 hours ago
Central Scrutinizer favorited Chris of the family Masters's discussion Very interesting FOR THOSE WHO THINK USA IS A FREE COUNTRY
3 hours ago
Central Scrutinizer replied to Central Scrutinizer's discussion A Hot Time in the Ol Town Tonight
"Truly want to Thank Each & All here who's expressed or shared their concerns, thoughts and well wishes for .....the Dog ;)  For those inquiring minds, all's well, not even any smoke damage, & burning a fire @ the moment ,…"
3 hours ago
Central Scrutinizer commented on DTOM's group High Strangeness & General Weirdness
"Diner dies after having 'poisonous'   mushrooms at Michelin-starred eatery"
4 hours ago
Chris of the family Masters commented on Chris of the family Masters's blog post person (n.)
"In the nutshell, IBM is a person. WILLIAM BROWN is a person. William Brown is a man."
5 hours ago
Chris of the family Masters posted blog posts
6 hours ago
the mighty bull commented on the mighty bull's photo
Thumbnail

Meme-Ninja-Cat-Fear-Not-The-Weapon-But-The-Paw-That-Wields-It-Image

"All them government workers better watch out cos theres a new cat in town lol."
7 hours ago
the mighty bull posted a photo
7 hours ago
the mighty bull commented on cheeki kea's photo
Thumbnail

Greetings MBIE

"hahaha Sprung "
7 hours ago
Raz Putin replied to Raz Putin's discussion POTUS Trump makes a formal statement regarding signing H.J. Res. 31, the “Consolidated Appropriations Act, 2019”
"I think President Trump will legalize weed too much of a huge cash cow not to tap and then their's the benefits. MAGA Make America Green Again"
8 hours ago
Raz Putin commented on Raz Putin's blog post NY Times busted using a November 2018 photo of Ruth Bader Ginsberg in recent article claiming she is back to work at SCOTUS.
"Yahoo News double's down with this story. Unreal lol Yahoo News: "Conspiracy theorists are claiming Ruth Bader Ginsburg is dead. She…"
8 hours ago
Marklar's Ghost commented on Marklar's Ghost's blog post Why Are So Many SJW Characters Mary Sues?
"Triggly Puff should have been chosen as a more appropriate Captain Marvel than brie Larson. Flap those wings and FLY Triggly!!!"
8 hours ago
Gralton replied to Chris of the family Masters's discussion Very interesting FOR THOSE WHO THINK USA IS A FREE COUNTRY
"god help us all well most of us"
8 hours ago

Please remember this website is supported by your donations...

© 2019   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2015 - all rights reserved. unless otherwise noted