When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Cybersecurity researchers GuardioLabs disclosed their findings, and dubbed the vulnerability CrossBarking.
“This includes the ability to dynamically change it, specifically by adding new elements.”
This, the researchers further explain, could lead to victims opening fake bank sites and losing banking credentials.
To demonstrate that the vulnerability works, GuardioLabs published a small surfing app extension to theGoogleChrome Web Store.
From there, an Opera surfing app user picks it up and compromises their machine.
Being omnipresent, browsers are an extremely popular target for cybercriminals.
So the user has to go to Chrome’s web store to find and plant the extension."
“Such an extension would never have made it past manual review in Opera’s add-on store.
ViaThe Hacker News
