SquareX Discloses Browser-Native Ransomware That Puts Millions at Risk

Palo Alto, USA, March 28th, 2025, CyberNewsWire

From WannaCry to the MGM Resorts hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend about $1 billion on ransom each year, but the greater cost often comes from the reputational damage and operational disruption caused by the attack.

Ransomware attacks typically involve tricking victims into downloading and installing the ransomware, which copies, encrypts, and/or deletes critical data on the device, only to be restored upon the ransom payment. Traditionally, the primary target of ransomware has been the victim’s device. However, thanks to the proliferation of the cloud and SaaS services, the device no longer holds the keys to the kingdom. Instead, the browser has become the primary way through which employees conduct work and interact with the internet. In other words, the browser is becoming the new endpoint.

SquareX has been disclosing major browser vulnerabilities like Polymorphic Extensions and Browser Syncjacking, and is now issuing a strong warning on the emergence of browser-native ransomware.

SquareX’s founder, Vivek Ramachandran, cautions, “With the recent surge in browser-based identity attacks like the one we saw with the Chrome Store OAuth attack, we are beginning to see evidence of the ‘ingredients’ of browser-native ransomwares being used by adversaries. It is only a matter of time before one smart attacker figures out how to put all the pieces together. While EDRs and Anti-Viruses have played an unquestionably critical role in defending against traditional ransomware, the future of ransomware will no longer involve file downloads, making a browser-native solution a necessity to combat browser-native ransomwares.”

Unlike traditional ransomware, browser-native ransomware requires no file download, rendering it completely undetectable by endpoint security solutions. Rather, this attack targets the victim’s digital identity, taking advantage of the widespread shift toward cloud-based enterprise storage and the fact that browser-based authentication is the primary gateway to accessing these resources. In the case studies demonstrated by SquareX, these attacks leverage AI agents to automate the majority of the attack sequence, requiring minimal social engineering and interference from the attacker.

One potential scenario involves social engineering a user into granting a fake productivity tool access to their email, through which it can identify all the SaaS applications the victim is registered with. It can then systematically reset the password of these apps with AI agents, logging the users out on their own and holding enterprise data stored on these applications hostage.

Similarly, the attacker can also target file-sharing services like Google Drive, Dropbox and OneDrive, using the victim’s identity to copy out and delete all files stored under their account. Critically, attackers can also gain access to all shared drives, including those shared by colleagues, customers and other third parties. This significantly expands the attack surface of browser-native ransomware – where the impact of most traditional ransomware is confined to a single device, all it takes is one employee’s mistake for attackers to gain full access to enterprise-wide resources.

As fewer and fewer files are being downloaded, it is inevitable for attackers to follow where work and valuable data are being created and stored. As browsers become the new endpoint, it is important for enterprises to reconsider their browser security strategy – just as EDRs were critical to defend against file-based ransomware, a browser-native solution with a deep understanding of client-side application layer identity attacks will become essential in combating the next generation of ransomware attacks.

To learn more about this security research, users can visit https://sqrx.com/browser-native-ransomware

About SquareX

SquareX’s industry-first Browser Detection and Response (BDR) solution helps organizations detect, mitigate, and threat-hunt client-side web attacks happening against their users in real time. In addition to browser ransomware, SquareX also protects against various browser threats including identity attacks, malicious extensions, advanced spearphishing, GenAI DLP, and insider threats.

The browser-native ransomware disclosure is part of the Year of Browser Bugs project. Every month, SquareX’s research team releases a major web attack that focuses on architectural limitations of the browser and incumbent security solutions. Previously disclosed attacks include Browser Syncjacking and Polymorphic Extensions.

To learn more about SquareX’s BDR, users can contact [email protected].

For press inquiries on this disclosure or the Year of Browser Bugs, users can email [email protected]

Contact

Head of PR
Junice Liew
SquareX
[email protected]
