New Chrome Syncjacking Attack Threatens Billions of Users

The sophisticated browser exploit allows hackers to hijack accounts, steal data, and take full control of devices with minimal user interaction.

Researchers at cybersecurity firm SquareX have identified a new Chrome browser exploit called 'Browser Syncjacking' that targets billions of users globally.
The attack uses malicious extensions and tampered Chrome support pages to trick users into enabling browser sync, granting hackers access to passwords, browsing history, and more.
Hackers can escalate the attack to take complete control of a victim's device, enabling actions like malware installation, keystroke logging, and webcam activation.
The attack is particularly dangerous due to its stealthy nature, requiring minimal permissions and limited user interaction to execute.
Experts recommend avoiding unnecessary Chrome extensions, using password managers, enabling multi-factor authentication, and regularly reviewing browser settings to mitigate risks.