Submitted URL: https://u4934669.ct.sendgrid.net/wf/click?upn=ZHtHURBbhWqjWn8A-2BeC13U9d9vBsdrwQ2zeIayxT-2F4IhdxVBWA58ZQgsnufWThZsJPb6b2XLmb-2B5MPQ1X7Qp4okT6qEVG-2FHTLERzFQ9l-2Fag-3D_W77bTy6YRdHySgTK0Dy8RSVNVsBa0FcYDRIvU450AMuNtqwCQHGb6RNFNefF4OFcrOtCDnnEWGxY6zkmSK3hASCKBRr-2FksqMi20HfWeXF4D5QEzM4WNh5T8KrjTkW8DN2fl5Gy0gcAkznbDiSzEmY7ulPmHzlDZ6Ivj7FCJ7CbIad1B6xnMKmboNulBjwRfTh-2Fvw-2Fn8jL4fJVjM-2FnR9fY63NOSvfnkZrwG-2F4fJ7XR0U-3D
Effective URL: https://www.distilnfo.com/itadvisory/2019/10/09/russian-hackers-attack-chrome-and-firefox-browsers/
Submission: On October 09 via api from US

Form analysis 1 forms found in the DOM

GET https://www.distilnfo.com/itadvisory

<form role="search" method="get" action="https://www.distilnfo.com/itadvisory">
  <input name="s" placeholder="Search..." required type="search">
  <button type="submit"><i class="fa fa-search"></i></button>

Text Content

Russian Hackers Attack Chrome And Firefox Browsers
Skip to main content Skip to primary sidebarDistilNFO ITDISTILNFO IT ADVISORY
DistilNFO HealthPlan
DistilNFO HospitalIT
DistilNFO IT
DistilNFO Retail
DistilNFO POPHealth
DistilNFO Ageing
DistilNFO Safety
DistilNFO Life Sciences
DistilNFO GovHealth
DistilNFO Fintech
Russian Hackers Attack Chrome And Firefox Browsers
Play as Audio 
October 9, 2019
Kaspersky specialists have found a new web threat. It is a trojan created by the Russian hackers which infect Google Chrome and Firefox web browsers.
A Russian cyber-espionage hacker group, named as Turla, is found to be behind this attack that involves patching locally installed browsers like Chrome and Firefox in order to modify the browsers’ internal components. The patching alters the way the two browsers set up HTTPS connections and add a per-victim fingerprint for the TLS-encrypted web traffic that originates from the infected computers.
How Russian hackers attack Chrome and Firefox browsers?
Turla, which is believed to operate under the protection of the Russian government, is infecting victims with a remote access trojan named Reductor, through which they are modifying the two browsers.
The attack involves two steps – First – They install their own digital certificates to each infected host. This enables them to intercept any TLS traffic originating from the host.
Second, they modify the Chrome and Firefox installation to patch their pseudo-random number generation (PRNG) functions. These functions are used when generating random numbers needed for the process of negotiating and establishing new TLS handshakes for HTTPS connections.
Turla is inflicting an advanced attack
Most of the criminals focus exclusively on exploiting security vulnerabilities in browsers. However, Team Turla has gone one step further. They infect systems with remote access trojan and uses it to modify browsers.
In the past, Turla has been known to hijack and use telecommunications satellites to deliver malware to remote areas of the globe. They had developed a malware that hid its control mechanism inside comments posted on Britney Spears’ Instagram photos. They also had developed email server backdoors that received commands via spam-looking messages.
However, this is also not the first time when Turla has released a code that alters a browser component to deploy malware on infected hosts. The group has previously installed a backdoored Firefox add-on in victims’ browsers back in 2015 which they used to keep an eye on the user’s web traffic.
Liked this story?
Get top 10 stories like these delivered to your inbox weekly.
View Sample Newsletter
Primary SidebarFollow  Us
Popular Picks
iTunes Is Dead 
Alibaba’s First AI Chip Is Here 
Top 8 Cloud Companies Of The World 
What Is Elon Musk’s Warning to Public? 
Russian Hackers Attack Chrome And Firefox Browsers 
Wi-Fi 6 is officially Born, 7 Fundamental Points To Know 
Google On A Hiring Spree Of SAP Employees To Win Cloud Race 
What Is Microsoft Emergency Patch Update All About? 
Facebook Says Its Own Cryptocurrency Is Out Of Control 
Google Cloud CEO: Cloud Business is Seeing Enormous Growth, Dismisses US-China Trade War 
Related Posts
What Is Microsoft Emergency Patch Update All About?2016 sees Internet Explorer usage collapse, Chrome surgeEmerging new generation CIO: Digital MindsetChief Digital And Information Officer Jacky Wright To Leave HMRC And Join MicrosoftWhat is Digital Twin Technology? Top 10 thingsAlexa is more obedient now, will talk as you wantSEC Fines Yahoo $35 Million over 2014 Email Breach5 Most Important Aspects of Enterprise Security in 2020
Our Publications
DistilNFO HealthPlan Advisory
DistilNFO IT Advisory
DistilNFO HospitalIT Advisory
DistilNFO Retail Advisory
DistilNFO  POPHealth Advisory
DistilNFO HITRUST Advisory
DistilNFO Ageing Advisory
DistilNFO Safety Advisory
DistilNFO Life Sciences Advisory
DistilNFO GovHealth Advisory
DistilNFO Publications · 
Subscribe · 
Contact · 
Advertise · 
Privacy Policy · 
Terms of Service