Black Hat is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Abusing Chrome Extensions to Form a Bot Net

View Recording

Thursday, November 16, 2017
11:00AM - 12:00PM PDT
60 minutes, including Q&A

Abusing Chrome Extensions to Form a Bot Netl by Tomer Cohen

Browser extensions have significantly improved the way we experience the web today. However, while the extension stores offer great opportunities for both developers and users, they are also used by attackers to distribute malicious extensions, specifically "bot extensions," which are extensions that allow them to remotely control the victim's browser.

Once infected, a user's browser becomes a bot in a huge bot net, which is later used by attackers to run DDoS attacks, send spam and more. During the past year, we have identified many such infection campaigns. Attackers are consistently trying to distribute their malicious extensions, and they do it by abusing popular web and social media platforms - including Facebook, Google and many more.

In this talk, Tomer will elaborate about the nature of these infection campaigns, how they work and the big advantages in running them with browser extensions.


Tomer CohenTomer Cohen

Tomer Cohen leads the team at responsible for all R&D and production systems security. Previous to that, Tomer worked as an application security expert at several firms. Tomer was also one of the founders of "Magshimim" cyber training program, which trains high-schools students in the periphery of Israel, in the field of cyber security.





Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.


Sustaining Partners