CursedChrome turns browser into a hacker gateway

CursedChrome turns browser into a hacker gateway

CursedChrome, hacker proxy that originates from a plain browser is out now.

CursedChrome can turn a computer’s plain browser into a proxy that hackers can operate through. A researcher recently proved that plainly browsing can give way for hackers to enter.

Matt Bryant, a security researcher released a tool that he called CursedChrome. Bryant introduced the tool on Github last week as an open-source project.

Hackers invade browsers through CursedChrome

The security specialist elaborated on how the code can turn into a platform that hackers can penetrate. He said that the vehicle does not go beyond the web socket connection.

He described the tool to have two parts. The first is the Chrome extension itself or the client-side component. The second is the control panel where CursedChrome bots report. It is also called the server-side of the counterpart of the browser.

Google wants you to update Chrome to avoid new high-risk security threats

The extension should be installed on a browser. Once installed, the hacker establishes a secure connection with the victim by logging into the CursedChrome.

The unsuspecting victim will see the classic Http reverse proxy function through the WebSocket connection.

The user will not notice that there is a transaction going on between the device extension and an outside control panel operated by a hacker.

As the user navigates on the browser, as usual, the hackers on the other end hi-jack all the logged-in sessions. Hackers can even gather sensitive information, and enter confidential data.

Cyber-security community responds to CursedChrome

CursedChrome gained the attention of the cyber-security community. The community believes that exposing the vehicle to the public only increases the security risk.

A report said that the community Bryant could be lowering the security entry bars. The team believed that the project makes it easier for the attackers to develop their own versions of such.

The security researcher explained his goal in response to the cyber-security community rumblings. Bryant replied saying that was not his intention.

The analyst stated that CursedChrome should help to accurately simulate the ‘malicious browser-extension’ scenario. He clarified that he open-sourced the project for the pen testers and professional red teamers.

He explained that he disclosed CursedChrome because he wanted to make it a tool. He stated that it was for cybersecurity professionals who are paid to break into companies.

He added that he understands how open sourcing helps pen testers and red teamers. He knows that they always work on tight schedules.

Image courtesy of Caio/Pexels

Micky is a news site and does not provide trading, investing, or other financial advice. By using this website, you affirm that you have read and agree to abide by our Terms and Conditions.
Micky readers - you can get a 10% discount on trading fees on FTX and Binance when you sign up using the links above.