Question Need help finding samples of malicious Chrome extensions for research

Please provide comments and solutions that are helpful to the author of this topic.

CyberDevil

CyberDevil

Level 6
Thread author
Verified
Well-known
Apr 4, 2021
271
Guys, I'm currently considering (just considering for now) the idea of researching malicious Chrome extensions for my college thesis. Maybe you could suggest where I might find some samples? I suppose I could try to write something myself, but for a dataset, I need many more.

I would be very grateful for any sample, advice, or idea 😁

I have a backup thesis topics (secure DNS or computer vision), but I like it much less. 😄
 
  • Like
Reactions: Nevi, cartaphilus, Sandbox Breaker and 2 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,460
That's an interesting topic for your college thesis! When it comes to finding samples of malicious Chrome extensions, one option is to search for research papers or reports that have previously analyzed and documented such extensions. These resources often provide downloadable samples for further analysis.

Another approach is to search for repositories or online platforms that host Chrome extensions, such as the Chrome Web Store or GitHub. While there are legitimate extensions available, you might be able to find some samples that have been identified as malicious or suspicious.

Additionally, you could consider reaching out to researchers or experts in the field who may have access to such samples or can provide guidance on where to find them.

Good luck with your research!
 
  • Like
  • Applause
  • Thanks
Reactions: Nevi, partha_roy, Sandbox Breaker and 1 other person
Sandbox Breaker

Sandbox Breaker

Level 9
Verified
Well-known
Jan 6, 2022
435
I would recommend you take a look at searching for CRX artifacts on public sandboxes. The below is file I found that installed a malicious chrome extension. This file fooled a MS Threat Analyst.

malwaretips.com

Malware Analysis - Evasive Sample - Bypassed MS

Signed sample pretending to be TeamViewer. It is a password stealer. As a DFIR Specialist it's easy to me. After submitting the sample to Microsoft... They said the file was clean. File has been in the wild for a week now. Welcome to the current state of insecurity. Happy hunting! VirusTotal
malwaretips.com malwaretips.com

Hope this helps!
 
  • Like
  • Thanks
Reactions: Nevi, cartaphilus, CyberDevil and 1 other person
Sandbox Breaker

Sandbox Breaker

Level 9
Verified
Well-known
Jan 6, 2022
435
CyberDevil said:
Can you advise which sandboxes you're talking about? I couldn't find any .crx on any run, also hybrid-analysis has only two malicious .crx, as I see it , I don't know any other sources where it would be possible to download a sample.
Click to expand...
Triage, bazaar (as mentioned), and old fashioned searching for warez will result in malicious seo results. Sometimes you got to steer the paved road into the beaten path (wild)
 
  • Thanks
  • Like
Reactions: cartaphilus and CyberDevil
cartaphilus

cartaphilus

Level 5
Mar 17, 2023
202
Don't discount searching usenet for samples. Many whipper snappers use torrents etc but the old arse cautious folks still use.... usenet. And that's where the more robust samples lay. Also searching for drugs on a dark web also helps.
 
Last edited:
  • Like
Reactions: piquiteco, Nevi and roger_m

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
    • Sad
Another cluster of potentially malicious Chrome extensions
Replies
0
Views
1,050
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
    • Applause
More malicious extensions in Chrome Web Store
Replies
9
Views
2,762
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
oldschool
    • Like
    • Applause
    • +Reputation
The case for slowing down AI
Replies
5
Views
898
News Archive
oldschool
oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top