Bonum Certa Men Certa

Eye on Security: All Web Browsers Are Insecure... on Windows

Leaning Tower of Pisa
A strong fortress won't last on a puddle of mud



Summary: News from the past few days can suggest that Microsoft Windows -- not the particular Web browser -- in the main source of threat

Malware masquerades as Google Chrome extension

A spam campaign is pushing malware disguised as a Google Chrome extension.

[...]

Rather than delivering the promised extension, the malicious page sends a program that modifies Windows' Hosts file to redirect Google and Yahoo searches to a fake site that downloads other malware.


Malware hides from search engines

Criminals are increasingly attempting to conceal malware embedded in hacked websites from search engines such as Yahoo! and Google. Their aim is to prevent browsers which use technology such as Google's Safe Browsing API from sounding the alarm when a user visits a hacked website. Google's Safe Browsing API allows client applications to query Google's phishing and malware blacklist. Firefox and Google Chrome both make use of the API, which is based on Google searches of websites for suspicious code.


Trojan poses as Google Chrome extension

Bank Trojan Takes Aim at Firefox Users [Mozilla Firefox on top of Windows is not secure]

The company's Flashlight and Rapport services detect the latest version of Zeus, however, and the company recently developed a hardened version of Mozilla for UK bank HSBC specifically to counter the threat of advanced banking Trojans such as Zeus.


PC Owners Being Used as 'Malware Mules'

Hackers are using unsuspecting web [Windows] users as 'malware mules' to infect other PC users with viruses, says Symantec.


Comments

Recent Techrights' Posts

Drug Addiction is a Real Problem, It Destroys Families
a rather sensitive matter
 
Links 07/06/2025: Slop Companies Retain All Private Data, More Books Banned in the US
Links for the day
Gemini Links 07/06/2025: "A Monk's Guide to Happiness" and "Wireless Earbuds"
Links for the day
Links 07/06/2025: More Rumours of Mass Layoffs in Microsoft's XBox Division, New COVID Variant
Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part IV: Political Scrutiny and Errors/Inconsistencies in Official Documents
When such organisations receive scrutiny they start focusing on cover-up and muzzling of facts (or crushing people who say the truth)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 06, 2025
IRC logs for Friday, June 06, 2025
Slopwatch: LinuxTechLab, Planet Ubuntu, Anti-Linux FUD, and Microsoft SPAM
It's not easy to altogether avoid take articles these days
Gemini Links 06/06/2025: "MBA Tear" and Slop ('AI') as Plagiarism
Links for the day
Links 06/06/2025: "Convicted Felon and MElon Trade Insults" and Europe Snubbed by US Again
Links for the day
Links 06/06/2025: Microsoft XBox Bracing For More Mass Layoffs, Climate Disaster, Fake 'Money' Tokens From US President
Links for the day
Gemini Links 06/06/2025: Vanishing Cultures and MElon Implosion
Links for the day
Extortion is a Crime, Even If You're Based in Another Continent and Work for Microsoft
reported to British authorities
We're in 6/6 Now, Almost Halfway in 2025
2025 was probably the best year for us
South Americans Are Saying Goodbye to Microsoft
We're hardly even "Cherry-Picking" or conveniently singling out one South American nation
Abuse Inside the Polish Patent Office (UPRP) - Part III: Data Protection Failures, Just Like at the European Patent Office (EPO)
Just less than a decade ago we showed that the EPO had illegally shared staff data with third parties
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 05, 2025
IRC logs for Thursday, June 05, 2025
Pushing Microsoft's Proprietary Trash/Trap as "Open" and "Linux" (Windows is 'Linux' Now?)
Maybe it's time to just stop saying "FOSS". The people who use that term are promoting Microsoft.
Slopwatch: Comparing Linux to Vermin, Attacking BSD With LLM Slop, and Helping Microsoft Demonise Linux/OpenBSD/SSH Over Weak User Passwords
Microsoft must be laughing its arse off, seeing how a bunch of Serial Sloppers (no skills, no comprehension, no integrity, no creativity) and slopfarms use Microsoft LLM to flood the Web with anti-Linux FUD
Links 05/06/2025: US Poised for Another $2.4 Trillion to Debt, Cops Want GAFAM Kill Switches
Links for the day
Links 05/06/2025: First US Spacewalk 60 Years Ago, GNU Octave 10.2.0 is Out
Links for the day
Scandinavia Saying Goodbye to Microsoft
The Danes have had enough of Microsoft
GNU/Linux Measured at 6% in Bangladesh, According to statCounter
Windows isn't growing, it's going away
Nat Friedman Had Left Microsoft GitHub Exactly One Week Before Matthew Garrett Sent His First SLAPP (Which Was an Empty Threat, He Was Abusing the Legal System of Another Continent to Terrorise Critics Who Had Just Unearthed Major Microsoft Scandals)
And it was likely talked about by his lawyers around the exact same time Nat Friedman was packing up
Gemini Links 05/06/2025: Loop Earplugs Review and ANS Forth
Links for the day
Armenian Adoption of GNU/Linux
Russian influence in Armenian must be worrying to Microsoft
Abuse Inside the Polish Patent Office (UPRP) - Part II: Turning a Once-Respected Patent Office Into a Circus and Laughing Stock
It's not legal, but administrators who don't care about the law and don't fear the law would just go ahead and turn things to junk
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 04, 2025
IRC logs for Wednesday, June 04, 2025