New Syncjacking attack exploits benign Chrome extensions to hijack devices via Google profile and browser takeover. Attackers create a malicious Google Workspace domain, trick victims into installing an extension, and gain access to their data after syncing. They further take control through a fake Zoom update, allowing extensive control over the victim's browser and files while remaining stealthy and requiring minimal user interaction.
New Syncjacking Attack Hijacks Devices Using Chrome Extensions
