Hackers never seem to rest; luckily for you, neither does the security team at dfndr lab. Recently, our team discovered a new technical loophole within Google Chrome that may lead to unauthorized use of your device. The latest scam takes advantage of the popular web browser’s notification system; drowning users in permission requests until they give in out of pure exhaustion. How does such a scam work, and how does it aim to hijack your Android device with malware?
A Dangerous Loophole in Chrome
When a website wishes to deliver notifications to your device from within Google Chrome, a small popup will appear on your screen. From here, users can either select to ‘Allow’ or ‘Block’ the website from displaying such content. Chrome is now supposed to log your decision and prevent the site from asking you again, but there’s a problem – clever web programming has found a way around this system.
One method of fighting against this type of scam is to use dfndr security on your Android device. dfndr security offers a full virus scan and an advanced anti-hacking feature; these include scanning your device from top to bottom for malware, while also preventing dubious websites from touching your device by blocking malicious links. In a short period, the dfndr lab team has detected and blocked over 10,000 attempts of the Chrome-based scam.
Due to this flaw, if a website wants to ask for repeated permissions continuously, the site programmer can merely swap between multiple subdomains until the user chooses to allow consent. Research at dfndr lab has shown this practice of websites using a slew of subdomains is an attempt to force an individual into accepting.
Staying Protected Against the Attack
Besides downloading an antivirus solution for your device, if you still stumble upon the scam, your best bet is to try and close out the webpage, so that it can no longer ask for permission requests. Do not give in to hitting ‘allow’ out of pure frustration, once you’ve done that, hackers are one step closer to infiltrating your Android.
Learn all about one of the hackers' favorite breach method and keep your company safe…
Have you ever wondered how to recover deleted photos on Android? After all, the lack…
Digital worms are among the most serious threats in the wild kingdom of the Internet.
Spoofing is a fairly sophisticated virtual scam that can fool even the most cautious and…
Five Steps to Reduce QR Code Risk! Step one? Read this article…
Pharming is creating a new, dangerous brand of impostor syndrome. Check how to avoid pharming…