SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

Palo Alto, United States, March 28, 2025, Cybernewswire
From WannaCry to the hacking of MGM Resorts, ransomware remains one of the most damaging cyber threats to afflict companies. Chainalysis estimates that companies spend nearly a billion dollars in ransom each year, but the higher cost often comes from the reputational damage and operational disruption caused by the attack.
Ransomware attacks generally involve tricking victims into downloading and installing ransomware, which copies, encrypts and/or deletes critical data on the device, to be restored only on payment of the ransom. Traditionally, the main target of ransomware was the victim’s device. However, thanks to the proliferation of cloud and SaaS services, the device no longer holds the keys to the kingdom. Instead, the browser has become the main means by which employees carry out work and interact with the Internet. In other words, the browser is becoming the new endpoint.
revealed major vulnerabilities of the browser as and, and now issues a strong warning on the emergence of browser-native ransomware.
The founder of SquareX warns, “With the recent increase in identity attacks based on the browser like the one we saw with the attack on Chrome Store OAuth, we are starting to see evidence of the ‘ingredients’ of the native navigator period is used by opponents. Defending against traditional ransomware, the future of ransomware will no longer involve file downloads, which makes a native browser solution a necessity to fight against native browser ransomware.”
Unlike traditional ransomware, browser-native ransomware requires no file download, which makes it completely undetectable by endpoint security solutions. Instead, this attack targets the victim’s digital identity, taking advantage of the widespread shift to cloud-based business storage and the fact that browser-based authentication is the main gateway to these resources. In the case studies, these attacks exploit AI agents to automate the majority of the attack sequence, requiring minimal social engineering and minimal involvement from the attacker.
A potential scenario involves social engineering a user into granting a fake productivity tool access to their email, through which it can identify all the SaaS applications the victim is registered with. It can then systematically reset the passwords of these applications with AI agents, locking users out of their own accounts and holding the business data stored in these applications hostage.
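A defender-side view of the scenario above, as an added example that is not part of the original release or any SquareX tooling: it correlates a mail-scope OAuth grant with a burst of password-reset emails from distinct SaaS senders. The event schema, scope names, keywords and thresholds are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names, app names and scopes are assumptions.
EVENTS = [
    {"ts": "2025-03-28T09:00:00", "user": "alice", "type": "oauth_grant",
     "app": "notes-helper (hypothetical)", "scopes": ["mail.read"]},
    {"ts": "2025-03-28T09:04:10", "user": "alice", "type": "mail",
     "sender_domain": "crm.example", "subject": "Reset your password"},
    {"ts": "2025-03-28T09:05:30", "user": "alice", "type": "mail",
     "sender_domain": "hr.example", "subject": "Your password was changed"},
    {"ts": "2025-03-28T09:07:45", "user": "alice", "type": "mail",
     "sender_domain": "storage.example", "subject": "Password reset requested"},
    {"ts": "2025-03-28T10:00:00", "user": "bob", "type": "oauth_grant",
     "app": "calendar-sync (hypothetical)", "scopes": ["calendar.read"]},
    {"ts": "2025-03-28T10:02:00", "user": "bob", "type": "mail",
     "sender_domain": "crm.example", "subject": "Reset your password"},
]

MAIL_SCOPES = {"mail.read", "mail.readwrite"}  # assumed scope names
RESET_WORDS = ("reset your password", "password reset", "password was changed")

def find_reset_bursts(events, window=timedelta(hours=1), min_apps=3):
    """Flag users whose mail-scope OAuth grant is followed, within `window`,
    by password-reset mail from at least `min_apps` distinct sender domains."""
    grants, resets = {}, {}  # user -> [(time, app)] and user -> [(time, domain)]
    for e in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(e["ts"])
        if e["type"] == "oauth_grant":
            if MAIL_SCOPES & {s.lower() for s in e["scopes"]}:
                grants.setdefault(e["user"], []).append((ts, e["app"]))
        elif e["type"] == "mail":
            if any(w in e["subject"].lower() for w in RESET_WORDS):
                resets.setdefault(e["user"], []).append((ts, e["sender_domain"]))
    alerts = []
    for user, user_grants in grants.items():
        for granted_at, app in user_grants:
            # Distinct senders of reset mail inside the window after the grant.
            domains = sorted({d for ts, d in resets.get(user, [])
                              if granted_at <= ts <= granted_at + window})
            if len(domains) >= min_apps:
                alerts.append({"user": user, "app": app, "reset_domains": domains})
    return alerts

if __name__ == "__main__":
    for alert in find_reset_bursts(EVENTS):
        print(alert)
```
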
Likewise, the attacker may also target file sharing services like Google Drive, Dropbox and OneDrive, using the victim’s identity to copy and delete all files stored under their account. Importantly, attackers can also access all shared files, including those shared by colleagues, customers and other third parties. This considerably extends the attack surface of browser-native ransomware: where the impact of most traditional ransomware is limited to a single device, it takes only one employee’s mistake for attackers to gain full access to company-wide resources.
As fewer and fewer files are being downloaded, it is inevitable that attackers will follow to where work and valuable data are being created and stored. As browsers become the new endpoint, it is crucial for companies to reconsider their browser security strategy: just as EDRs were essential to defend against file-based attacks, a browser-native solution with an in-depth understanding of client-side application-layer identity attacks will become essential to combat the next generation of ransomware attacks.