dc.description.abstract | With the rapid advancement of technology, browser extensions have become crucial tools for enhancing user browsing experiences. However, while enjoying the powerful functionalities provided by extensions, users are required to grant corresponding permissions, inadvertently providing a convenient pathway for malicious attackers.
This paper investigates whether malicious browser extensions can exploit permissions granted by users to steal personal information from online banking systems. It aims to confirm the feasibility of extensions stealing personal data and proposes defensive strategies against such malicious behavior.
The paper begins by introducing browser extensions, the development tools used during their creation, and methods for storing data within browsers. It then designs and implements a malicious extension system called InfoStealer, which detects user login status on online banking systems, sends requests to collect user data from banking servers, and ultimately transmits this data to other servers for simulation and analysis of the data theft process. The experimental results demonstrate the system's capabilities in login detection, data retrieval, and transmission, while analyzing the relevance of extension permissions to malicious behavior.
This study provides defense strategies against such malicious behavior, advocating not only authentication but also verification of network request headers to ensure that requests originate from expected sources. Finally, the paper discusses the impact and consequences of data theft behavior and highlights the limitations of the research system. | en_US |