this browser hack can steal everything

Breaking down this insane Polymorphic Browser Extension hack I demo that showcases a sophisticated technique involving polymorphic browser extensions. This method highlights the potential risks posed by browser extensions with extensive permissions, demonstrating how a malicious extension can masquerade as a legitimate one like 1Password to steal sensitive information. 00:00 Introduction to a Jaw-Dropping Hacking Demo 00:42 Understanding Polymorphic Extensions 02:04 Phases of the Attack 03:40 Live Demo of the Attack 06:36 Personal History and Early Research 10:09 Real-World Examples and Implications 12:46 Security Recommendations and Conclusion The Polymorphic Extension research - https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 My 2011 BlackHat talk - https://youtu.be/KiE6VNjW8ic?si=AijtpDbuatMA2rAR MY OTHER SOCIALS 🌎Website / Blog https://www.vulnu.com/ 📰Newsletter / https://www.vulnu.com/subscribe/ 📷 Instagram / https://www.instagram.com/mattjayy 🐦Twitter / https://x.com/mattjay 🔗LinkedIn / https://www.linkedin.com/in/matthewjohansen/ 🦋 Bsky / https://bsky.app/profile/mattjay.com ABOUT ME In case we haven’t met yet, I’m your friendly neighborhood security guy 👋 I'm a computer security veteran who has helped defend startups, the biggest financial companies in the world, and everything in between. Through my podcast, free newsletter, and YouTube channel, I bring you curated cyber security news and personal and professional growth with a mental health cherry on top.