LNKR Continues Attacks into the Holiday Season

The PerimeterX Research Team recently discovered a string of incidents tied to LNKR. Previously discovered by researchers in 2016 and making a comeback this summer, LNKR has reappeared and is continuing to attack websites going into the holiday season.

For the complete details, please read the technical research blog by Ben Baryo.

What is LNKR?

LNKR is a type of malware that is carried out through Chrome browser extensions. It adds JavaScript to web pages that can track browser activity and replace existing ads with its own, possibly malicious ads. Bad actors use this to generate revenue or to track user behavior. For example, LNKR malware can replace Google search results or replace existing ad elements and iframes on a page with its own ads. LNKR is even more advanced than an average ad injection extension: it can also inject JavaScript code directly on the site onto pages that have user write-access such as a product or check-out page. This means any user that visits the page in the future, whether they have a LNKR browser extension or not, will experience the changes previously made on the page.

What is a Browser Extension?

Sponsorships Available

Sponsorships Available

Sponsorships Available

Browser extensions are small software programs, built with technologies such as JavaScript, HTML or CSS, that are designed to add specific functionality to standard web browsers. There are hundreds of thousands of extensions available for every popular browser. Coupon savings extensions, productivity tools, password managers, and helpful collaboration tools are some of the most popular, with millions of downloads and active users.

The Impact to E-commerce Business and Shoppers

There are hundreds of thousands of browser extensions. Some are malicious and bring malware with them, which can pose serious threats to both privacy and security.

When visiting a site, a consumer expects a smooth and trusted experience, (Read more...)