Cybercriminals have been using a novel approach to exfiltrate data that involves directly injecting malicious Google Chrome extensions onto victims’ Windows machines via the abuse of Google’s cloud synching function. The goal of the recently-identified campaign is to manipulate data in internal web applications that the victims have access to, according to an analysis.
Read full article on Threat Post