Edge users beware — this malicious extension can break out of the sandbox and install ransomware

  • Zscaler uncovered “Edgecution,” a malicious Edge extension deployed via fake Outlook update sites shared in Teams phishing
  • Attack uses ZIP archives with Python runtime to escape browser sandbox, creating a backdoor capable of shell/PowerShell execution and system data theft
  • Believed linked to Initial Access Brokers tied to ransomware group Payout Kings, showing evolving sophistication in access‑for‑sale operations

If you are using the Edge browser, be careful: there is a malicious campaign going around that uses the browser to deploy a backdoor via an extension.

According to security researchers at Zscaler, scammers are reaching out to their victims via Microsoft Teams, pretending to be IT support. They claim the user needs to install an Outlook update or a spam filter, and direct the victims to a fake “Outlook Updates Management Console” website.

There, the users are instructed to run one of the three provided processes, all of which download a ZIP...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE