Squarex reveals a browser-life software that threatens millions

Palo Alto, USA, March 28 2025, CyberNewswire

From Wannacry to Hack Mgm Resorts, Ransomware remains one of the most detrimental cyber threats to the plague. Keinelizi estimates that corporations spend almost $ 1 billion per ransom every year, but higher cost often derives from damage to reputation and prompt disorder caused by the attack.

Run programs attacks tend to be victims to download and install the software that copies, encryption and/or deletes critical data on the device only for redemption recovery. Traditionally, the primary redemption target was the victim. However, due to the spread of Cloud and SAAS SERVICES, the device no longer keeps the keys to the kingdom. Instead, the browser has become the main way in which employees are working and interacting with the Internet. In other words, the browser becomes a new end point.

He disclosed the basic vulnerability of the browser, as well as, and now determines a strong warning about the appearance of route software concerning the browser.

Squarex founder, warns: “With a recent burst of identity attacks on the basis of a browser, how we saw, with an attack in a chromium store, we begin to see evidence of” ingredients “that relate to the browser that are used when one time is a wicked-in-law. Redemption software no longer involves downloading files, which makes a browser -made solution necessary to combat the ransom dealing with the browser, “.

Unlike traditional redemption software, the Ransomware, with a browser, does not require file loading, providing them is not fully detected by means of a final point. Most likely, this attack is focused on the digital identity of the victim, using the widespread transition to cloud storage of enterprises and that the authentication based on the browser is the main gateway to access these resources. In thematic studies, these attacks use AI agents to automate most attack sequences, which requires minimal social engineering and the intervention of the attacker.

One of the potential scenarios involves the user’s social engineering to provide a fake performance tool to their e -mail, which can determine all the SAAS programs that register the victim. He can then systematically reset the password of these applications using AI agents, withdrawing users on their own and holding the data of the enterprises stored on these programs in hostages.

Similarly, the attacker can also focus on file exchange services such as Google Drive, Dropbox and OneDrive using the victim’s person to copy and delete all files stored under their account. Critically, attackers can also access all common reasons, including those who shared their colleagues, customers and other third parties. This significantly expands the surface of the browser redemption attack, where most traditional redeemed programs are limited by one device, all you need is one employee’s error for intruders to gain full access to resources for all businesses.

Since less and fewer files are loaded, the attackers inevitably monitor where valuable data are created and stored. As browsers become a new endpoint, it is important for businesses to review the browser’s security strategy as EDR as decisive to protect against file redemption software, a browser decision with a deep understanding of the program’s assault on the client’s side will become important to fight.