
Chinese hackers embed malware in victims' browsers

Chinese hacker group DarkSpectre embeds malware in browsers; over 9 million victims

The web browser has long been the user's gateway to the Internet, and it is also one of the main targets for attackers, because access to the browser gives easy access to the victim's confidential information.

According to a report by the website Cyber Security News, a malware distribution campaign spread through web browser extensions has been detected. It is run by DarkSpectre, a group of hackers from China, and targets three popular web browsers: Chrome, Edge and Firefox. The campaign currently has 8,800,000 victims, and it uses not one but three pieces of malware:

ShadyPanda affects Chrome, Edge and Firefox and has 5,600,000 victims.

Zoom Stealer affects Chrome, Edge and Firefox and has 2,200,000 victims.

GhostPoster affects Firefox and has 1,050,000 victims.

Importantly, the three malware attacks are not separate campaigns; they all belong to the same campaign, and the malware releases were coordinated step by step. A research team from cybersecurity specialist Koi Security revealed that for more than five years the hackers have been planting extensions that look like genuine, harmless extensions for people to download, which then drop the malware (payload) onto the victim's machine. The research team detected the link between the three malware families by performing infrastructure analysis of the ShadyPanda malware.

While examining the malware's infrastructure, the research team found that the hackers had two domains in use, infinitynewtab[.]com and infinitytab[.]com. These are working, harmless domains that serve extensions such as weather widgets and new tab pages, yet at the same time they have been in contact with malware infrastructure such as C2 (command and control) servers. Managing the infrastructure this carefully, realistically and seamlessly is what enabled the spread of the three malware families. The research team also found that this infrastructure is linked to as many as 100 extensions that spread malware.

The most interesting release technique is one the research team describes as planting a "time bomb" in the extension: the bomb stays dormant for a long time before releasing the payload on the victim's machine. For example, the add-on called "New Tab - Customized Dashboard" stays dormant for three days after it is installed in the browser before contacting the C2 server to download the payload. When the marketplace reviews it, the add-on still looks genuine, and user reviews find nothing wrong with it. The add-on starts releasing malware only after it has been fully checked by the security system, which makes it stealthy and very effective. It also uses an additional detection-evasion technique, activating on only 10% of page loads, to make the routine harder to detect.

The payload itself is well hidden in the PNG file that serves as the application's logo. JavaScript is hidden inside the file, wrapped in multiple layers such as custom encoding, XOR encryption and special code for dealing with the local security system. This leads to the download of another 65 KB of JavaScript from the C2 server, which lets the hackers choose what to run in the victim's browser without publishing additional updates that could cause the extension to be inspected by the security system a second time.
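A defender's check for the PNG hiding place described above, as an added example that is not from the original post or from Koi Security: it walks a PNG's chunk list and reports any bytes stored after the IEND chunk. The post does not say where in the file the script sits, so the after-IEND location, the function names and the sample image are assumptions constructed for illustration.

```python
import struct
import zlib
from pathlib import Path

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Plain-text tokens only: an encoded or XORed payload will not contain them,
# so any trailing bytes are flagged whether or not a token is found.
SCRIPT_HINTS = (b"function", b"eval(", b"atob(", b"fetch(")


def scan_png(data: bytes) -> dict:
    """Walk the PNG chunk list and report anything stored after IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos, chunks = len(PNG_SIG), []
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # 4 length + 4 type + body + 4 CRC
        if end > len(data):
            raise ValueError("truncated chunk")
        body = data[pos + 8:end - 4]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        chunks.append((ctype.decode("latin-1"), length, zlib.crc32(ctype + body) == crc))
        pos = end
        if ctype == b"IEND":
            break
    if not chunks or chunks[-1][0] != "IEND":
        raise ValueError("no IEND chunk")
    trailing = data[pos:]
    return {
        "chunks": chunks,
        "bad_crc": [c[0] for c in chunks if not c[2]],
        "trailing_bytes": len(trailing),
        "script_hints": [h.decode() for h in SCRIPT_HINTS if h in trailing],
        "suspicious": bool(trailing),
    }


def scan_extension_dir(root: str) -> dict:
    """Scan every .png under an unpacked extension directory (path supplied by the caller)."""
    findings = {}
    for path in Path(root).rglob("*.png"):
        try:
            result = scan_png(path.read_bytes())
        except ValueError as exc:
            findings[str(path)] = f"malformed: {exc}"
            continue
        if result["suspicious"]:
            findings[str(path)] = result
    return findings


def _chunk(ctype: bytes, body: bytes) -> bytes:
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))


def make_sample_png() -> bytes:
    """Constructed 1x1 greyscale PNG used as sample input."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b"")
```

A clean result only rules out the after-IEND location; data carried inside pixel values or ancillary chunks needs a different check.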


1/22 Edited to

From experience and the latest research data, attacks through web browser extensions are a sophisticated threat that is hard to detect, because the malware can disguise itself as an add-on that looks genuine and is in general use, such as "New Tab – Customized Dashboard", which conceals malware that stays dormant, or idle, for a long time before it starts working, so users suspect nothing and keep using the extension without knowing. Embedding malware in this way has a huge impact because the web browser is a key channel to personal and important data, such as login credentials, bank accounts, or even online meeting information, which is stolen by the "Zoom Stealer" malware in this campaign.

The techniques used not only hide JavaScript in multiple layers with special encoding (custom encoding and XOR) but also work with real domains such as infinitynewtab.com for control and to evade security systems, which makes detection very difficult for users and antivirus programs.

Browser users are advised to be careful when installing extensions: install only from trusted developers and sources, check reviews and user counts carefully, and do not neglect to install up-to-date antivirus or security software. Browsers and extensions should also be updated regularly to reduce the vulnerabilities that could be attacked. Finally, following news and alerts from cybersecurity experts such as Koi Security or Cyber Security News will help us stay up to date and better prepared to deal with these threats.
