Hackers Patch Web Browsers to Track Encrypted Traffic

posted onOctober 8, 2019
by l33tdawg
Bleeping Computer
Credit: Bleeping Computer

Researchers have found a new piece of malware, likely from an advanced threat group, that can patch Chrome and Firefox browsers to identify the encrypted traffic from a victim's computer.

The threat adds to the victim host Transport Layer Security (TLS) certificates, which help carry out man-in-the-middle (MitM) attacks on encrypted traffic.

Named Reductor, the threat was spotted in a campaign at the end of April that continued at least until August.  Apart from TLS traffic manipulation, it comes with the typical assortment of remote access functions - upload, download, and execute files.

Source

Tags

Security

You May Also Like

Other Articles In This Section

Recent News

Friday, May 31st

Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit
Law enforcement operation takes aim at an often-overlooked cybercrime linchpin
Tech giants form AI group to counter Nvidia with new interconnect standard
Musk can’t avoid testifying in SEC probe of Twitter buyout by playing victim

Wednesday, May 29th

Neuralink rival sets brain-chip record with 4,096 electrodes on human brain
US sanctions operators of “free VPN” that routed crime traffic through user PCs
OpenAI training its next major AI model, forms new safety committee
Cops Are Just Trolling Cybercriminals Now
How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet

Tuesday, May 28th

Japanese police arrest man after computer viruses created by misusing AI
Notorious Data Leak Site Breachforums is back From the Seizure
A high-severity vulnerability affects Cisco Firepower Management Center
OpenAI backpedals on scandalous tactic to silence former employees
Apple clarifies iOS 17.5 bug that exposed deleted photos
Newly discovered ransomware uses BitLocker to encrypt victim data

Friday, May 24th

Dutch cybercops tracked a crypto theft to one of the world’s worst botnets
He Trained Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark-Web Drug Market
A Leak of Biometric Police Data Is a Sign of Things to Come
A root-server at the Internet’s core lost touch with its peers. We still don’t know why.
Crooks plant backdoor in software used by courtrooms around the world

Thursday, May 23rd

Anyone Can Trick AI Bots into Spilling Passwords
GitHub addresses maximum severity Enterprise Server vulnerability
Neuralink’s First User Is ‘Constantly Multitasking’ With His Brain Implant
Humane AI Pin is a disaster: Founders already want to sell the company
Here’s what’s really going on inside an LLM’s neural network

Tuesday, May 21st

23-year-old man accused of running $100 million online narcotics marketplace
Scarlett Johansson Says OpenAI Ripped Off Her Voice for ChatGPT

Monday, May 20th

WikiLeaks' Julian Assange Can Appeal His Extradition to the US, British Court Says
Craig Wright Lied About Creating Bitcoin And Faked Evidence, Judge Rules
Two students find security bug that could let millions do laundry for free
Lazarus Group Moves $147.5M in Stolen Crypto (BTC, ETH) to North Korea, UN Report Reveals
Time Is Running Out in the Hunt for Rare Bitcoin
“Unprecedented” Google Cloud event wipes out customer account and its backups
What happened to OpenAI’s long-term AI risk team?

Thursday, May 16th

Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks