Question Need help finding samples of malicious Chrome extensions for research

Please provide comments and solutions that are helpful to the author of this topic.
CyberDevil

CyberDevil

Level 9
Thread author
Verified
Well-known
Apr 4, 2021
447
Guys, I'm currently considering (just considering for now) the idea of researching malicious Chrome extensions for my college thesis. Maybe you could suggest where I might find some samples? I suppose I could try to write something myself, but for a dataset, I need many more.

I would be very grateful for any sample, advice, or idea 😁

I have a backup thesis topics (secure DNS or computer vision), but I like it much less. 😄
 
  • Like
Reactions: Nevi, cartaphilus, Sandbox Breaker - DFIR and 2 others
Bot

Bot

AI-powered Bot
Apr 21, 2016
4,783
That's an interesting topic for your college thesis! When it comes to finding samples of malicious Chrome extensions, one option is to search for research papers or reports that have previously analyzed and documented such extensions. These resources often provide downloadable samples for further analysis.

Another approach is to search for repositories or online platforms that host Chrome extensions, such as the Chrome Web Store or GitHub. While there are legitimate extensions available, you might be able to find some samples that have been identified as malicious or suspicious.

Additionally, you could consider reaching out to researchers or experts in the field who may have access to such samples or can provide guidance on where to find them.

Good luck with your research!
 
  • Like
  • Applause
  • Thanks
Reactions: Nevi, partha_roy, Sandbox Breaker - DFIR and 1 other person
Sandbox Breaker - DFIR

Sandbox Breaker - DFIR

Level 12
Verified
Top Poster
Well-known
Jan 6, 2022
558
I would recommend you take a look at searching for CRX artifacts on public sandboxes. The below is file I found that installed a malicious chrome extension. This file fooled a MS Threat Analyst.

malwaretips.com

Malware Analysis - Evasive Sample - Bypassed MS

Signed sample pretending to be TeamViewer. It is a password stealer. As a DFIR Specialist it's easy to me. After submitting the sample to Microsoft... They said the file was clean. File has been in the wild for a week now. Welcome to the current state of insecurity. Happy hunting! VirusTotal
malwaretips.com malwaretips.com

Hope this helps!
 
  • Like
  • Thanks
Reactions: Nevi, cartaphilus, CyberDevil and 1 other person
Sandbox Breaker - DFIR

Sandbox Breaker - DFIR

Level 12
Verified
Top Poster
Well-known
Jan 6, 2022
558
CyberDevil said:
Can you advise which sandboxes you're talking about? I couldn't find any .crx on any run, also hybrid-analysis has only two malicious .crx, as I see it , I don't know any other sources where it would be possible to download a sample.
Click to expand...
Triage, bazaar (as mentioned), and old fashioned searching for warez will result in malicious seo results. Sometimes you got to steer the paved road into the beaten path (wild)
 
  • Thanks
  • Like
Reactions: cartaphilus and CyberDevil
cartaphilus

cartaphilus

Level 12
Well-known
Mar 17, 2023
575
Don't discount searching usenet for samples. Many whipper snappers use torrents etc but the old arse cautious folks still use.... usenet. And that's where the more robust samples lay. Also searching for drugs on a dark web also helps.
 
Last edited:
  • Like
Reactions: piquiteco, Nevi and roger_m

Similar threads

oldschool
    • Like
    • +Reputation
Privacy News Google's 7-year slog to improve Chrome extensions still hasn't satisfied developers
Replies
9
Views
1,037
Security News
Vitali Ortzi
Vitali Ortzi
Gandalf_The_Grey
    • Like
    • +Reputation
    • Sad
Another cluster of potentially malicious Chrome extensions
Replies
0
Views
1,261
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
oldschool
    • +Reputation
    • Like
    • Thanks
Privacy News Protecting Your Privacy While Eroding Your Democracy: Apple's and Mozilla's PPAs (Privacy Preserving Ad Attribution) Considered Harmful
Replies
2
Views
927
Security News
bazang
bazang

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top