Browser extensions have significantly improved the way we experience the web today. However, while the extension stores offer great opportunities for both developers and users, they are also used by attackers to distribute malicious extensions, specifically "bot extensions," which are extensions that allow them to remotely control the victim's browser.
Once infected, a user's browser becomes a bot in a huge bot net, which is later used by attackers to run DDoS attacks, send spam and more. During the past year, we have identified many such infection campaigns. Attackers are consistently trying to distribute their malicious extensions, and they do it by abusing popular web and social media platforms - including Facebook, Google and many more.
In this talk, Tomer will elaborate about the nature of these infection campaigns, how they work and the big advantages in running them with browser extensions.
Tomer Cohen leads the team at Wix.com responsible for all R&D and production systems security. Previous to that, Tomer worked as an application security expert at several firms. Tomer was also one of the founders of "Magshimim" cyber training program, which trains high-schools students in the periphery of Israel, in the field of cyber security.