Zombie Browsers, spiced with rootkit extensions presented at Hacktivity 2012

by Zoltn Balzs,

Tags: Security

Summary : "With the increase of thin client applications, the trend is that the
operating system is becoming less and less important, while the
browsers are becoming the new operating system. For example think
about ChromeOS.
Despite the browsers are becoming more and more important, the
safeguards stuck at the OS layer.
That's one reason why I've developed a browser rootkit, which works in
a Command and Control architecture. Main features of the rootkit are:
Stealing cookies - e.g. to circumvent two-factor authentication
Stealing passwords (from password manager or DOM)
Uploading files to the client, downloading files to the server
Executing JavaScript
Executing executables on Windows
and much more....
During the presentation you will see history of malicious browser
extensions, Firefox, ChromeOS, Android, Meterpreter sessions,
Virustotal statistics and defensive advises from Mr. Mackey. Don't
miss it, mmmkay?"