Your new post is loading...
Rogue Chrome browser extensions have been used to gain persistent unauthorized access to Facebook accounts...
The use of Trojan horse browser extensions to hijack accounts is not new, nor is the method specific to Google Chrome.
However, it has several advantages over other techniques. For one, users are more likely to trust an extension distributed from the official Chrome Web Store for Chrome, or Mozilla's add-on repository for Firefox, than a clickjacking or phishing page.
---------------------------------------------------------------
===> Few users are aware that browser extensions can intercept everything they do through the browser!!! <===
---------------------------------------------------------------
Security compromises based on rogue browser extensions are also more persistent than those based on password theft or other methods, because these extensions can piggyback on active sessions to perform unauthorized actions even if the account owners change their passwords or enable two-factor authentication.
