Trends and Lessons from Three Years Fighting Malicious Extensions
نویسندگان
چکیده
In this work we expose wide-spread efforts by criminals to abuse the Chrome Web Store as a platform for distributing malicious extensions. A central component of our study is the design and implementation of WebEval, the first system that broadly identifies malicious extensions with a concrete, measurable detection rate of 96.5%. Over the last three years we detected 9,523 malicious extensions: nearly 10% of every extension submitted to the store. Despite a short window of operation—we removed 50% of malware within 25 minutes of creation— a handful of under 100 extensions escaped immediate detection and infected over 50 million Chrome users. Our results highlight that the extension abuse ecosystem is drastically different from malicious binaries: miscreants profit from web traffic and user tracking rather than email spam or banking theft.
منابع مشابه
Trends and socioeconomic correlates of adolescent physical fighting in 30 countries.
BACKGROUND AND OBJECTIVES No recent international studies provide evidence about its prevalence, trends, or social determinants of physical fighting in adolescents. We studied cross-national epidemiologic trends over time in the occurrence of frequent physical fighting, demographic variations in reported trends, and national wealth and income inequality as correlates. METHODS Cross-sectional ...
متن کاملAre blockchains immune to all malicious attacks?
Background: In recent years, blockchain technology has attracted considerable attention. It records cryptographic transactions in a public ledger that is difficult to alter and compromise because of the distributed consensus. As a result, blockchain is believed to resist fraud and hacking. Results: This work explores the types of fraud and malicious activities that can be prevented by blockchai...
متن کاملEight Years of Rider Measurement in the Android Malware Ecosystem: Evolution and Lessons Learned
Despite the growing threat posed by Android malware, the research community is still lacking a comprehensive view of common behaviors and trends exposed by malware families active on the platform. Without such view, the researchers incur the risk of developing systems that only detect outdated threats, missing the most recent ones. In this paper, we conduct the largest measurement of Android ma...
متن کاملEffective detection of vulnerable and malicious browser extensions
Unsafely coded browser extensions can compromise the security of a browser, making them attractive targets for attackers as a primary vehicle for conducting cyber-attacks. Among others, the three factors making vulnerable extensions a high-risk security threat for browsers include: i) the wide popularity of browser extensions, ii) the similarity of browser extensions with web applications, and ...
متن کاملFinancing Long-term Care: The Role of Culture and Social Norms; Comment on “Financing Long-term Care: Lessons From Japan”
Based on the experiences of Japan and Germany, Ikegami argues that middle-income countries should introduce public long-term care insurance (LTCi) at an early stage, before benefits have expanded as a result of ad hoc policy decisions to win popular support. The experience of the Netherlands, however, shows that an early introduction of public LTCi may not prevent, but ...
متن کامل