Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Malicious Chrome Extensions Bypass Remote Code Ban

2025-01-20
Malicious Chrome Extensions Bypass Remote Code Ban

A recent investigation revealed numerous malicious Chrome extensions circumventing Google's ban on remote code execution. Developed primarily by Phoenix Invicta Inc., Technosense Media Pvt. Ltd., and Sweet VPN, these extensions employ stealthy configurations, obfuscated code, and abuse of the declarativeNetRequest API to inject ads, steal user data, and perpetrate affiliate fraud. The researchers identified dozens of affected extensions, highlighting Google's insufficient oversight of these malicious activities.

Read more
(palant.info)
Tech

Browser Extension 'refoorest' Accused of Fraudulent Tree-Planting Scheme

2024-12-18
Browser Extension 'refoorest' Accused of Fraudulent Tree-Planting Scheme

An investigation into Colibri Hero's browser extension, refoorest, and its Impact Hero SDK reveals a deceptive affiliate marketing scheme disguised as a tree-planting initiative. The extension misrepresents the number of trees planted, exploits user data through incentivized reviews and sharing, and the SDK gains excessive user permissions without proper disclosure, violating Chrome Web Store policies. The article exposes a pattern of opaque practices, including fake testimonials, financial secrecy, and data security vulnerabilities, casting serious doubt on the company's claims of environmental responsibility.

Read more
(palant.info)
Development affiliate marketing data fraud