![]() Don’t set yourself up to be surprised with a potential security issue down the road. If nobody reports it - or if you’re not scanning the news for updates on your many browser addons - you’ll never know. The mysterious way the whole situation was handled by the extension’s new maintainer - and their complete silence on this matter ( and everything else recently) - makes me a bit nervous that a similar situation could happen again. The good news? The offending code appears to have been removed from The Great Suspender, but that doesn’t necessarily mean you should keep using it. The fact that the code is not obvious malware is meaningless in light of the fact that it can be changed without notice, and that it is minified (human-unreadable).” The fact that disabling tracking still works is irrelevant given the fact that most of the 2 million users of this extension have no idea that that option even exists. Using the chrome web store version of this extension, without disabling tracking, will execute code from an untrusted third-party on your computer, with the power to modify any and all websites that you see. While there does exist an innocent explanation for this, I can no longer say that it is the most likely. ![]() Most importantly, the minified javascript differs significantly from that distributed by the OWA project.” However, the site contains no real information other than the tracking scripts, and is only found in the context of this extension. That site is one month old, and is clearly designed to appear innocent, being hosted on a public webhost, and being given a seemingly innocent homepage from the CentOS project. Those are hosted on the unrelated site, which turns out to be immensely suspicious. Although OpenWebAnalytics is a real software, it does not provide the files executed by the extension. ![]() ![]() “On November 6th, discovered a smoking gun that the new maintainer is malicious. This change was supposedly in order to enable new screenshot functionality, but that was unclear.” Even when Google would drop new features into its Chrome browser to reduce the resources inactivate browser tabs eat up, I still. “That lets the extension do what it pleases, including inserting ads, blocking sites, forcible redirects…. I’ve been a fan of The Great Suspender extension for years. As Github’s TheMageKing wrote in November of last year: The extension suddenly started asking for new permissions as well, like an all-encompassing ability to mess with your browser’s web requests. ![]() Reddit user avatar_ENG also discovered that one can also get the tabs back by exploring the chrome history.Here’s the longer story: The Great Suspender has a new maintainer (formerly Dean Oemcke), and this unknown entity dropped a few silent updates to new builds of the extension allowing it to connect to various third-party servers and execute code. Deleting everything before the URL and hitting enter will reload the page. At the end will be the last address for the page the user was on. Tab management Version 7.1.8 was the first to include the malware strain, which led to the extension being removed from Microsoft Edge ’s extension store. According to a report by The Verge, if the users who used the extensions are looking to get their tabs back, they can follow the simple steps that are given below: If the tabs were open, one can go to them and click on the URL bar. Given Chrome's inclination to hoard a remarkable computer's memory, the extension served as an easy method to keep a user's program moving a bit faster, without really constraining one to close old tabs. As far as the tab is concerned, a user could click to reload back to the last window. The tool used to automatically close down tabs that a user hadn't taken a gander at for some time, supplanting them with a clear dim screen. It made the program run smoothly on a browser. The Great Suspender was a colossally helpful extension if it wouldn't have the malware. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |