**Hackers Utilize Chrome to Seize Control of Your Computer**

According to a report by cybersecurity firm [SquareX](https://sqrx.com/), cybercriminals have discovered a new technique for remotely commandeering computers through the Google Chrome browser. This advanced cyberattack, referred to as [“browser syncjacking,”](https://hackread.com/squarex-browser-syncjacking-attack-browser-device-control/) enables hackers to take over a victim’s browser, sensitive data, and even their complete device.

—

### **Mechanism of the Attack: Chrome Profile Hijacking**

The assault starts with a social engineering ploy: the hacker persuades the user to install a seemingly genuine Chrome extension. This extension, frequently found on the official Chrome Web Store, seems to operate as intended, enhancing its trustworthiness. It also requests minimal permissions, making it less likely to arouse suspicion.

Nonetheless, in the background, the extension clandestinely connects the user’s browser to a Google Workspace profile under the hacker’s control. Once this link is established, the attacker redirects the victim to a legitimate Google support page—but with content altered by the extension. The altered page urges the user to sync their Chrome profile.

If the user consents, all of their locally saved browser information—such as stored passwords, browsing history, and autofill details—is sent to the hacker’s managed profile. The attacker can then log into this profile on their own device and access the pilfered information.

—

### **Widening Control: Chrome Browser Seizure**

At this point, the hacker has already obtained sensitive information, but browser syncjacking enables them to escalate their assault even further.

For instance, SquareX illustrates how an attacker might employ Zoom to deceive the victim. The hacker alters the official Zoom website to present a fraudulent update notification. When the user downloads the update, they unknowingly install an executable file that enrolls their Chrome browser into the hacker’s Google Workspace.

This provides the hacker with greater authority, allowing them to access the victim’s Google Drive, emails, clipboard, and other personal information.

—

### **Complete Device Domination**

The final stage of the attack allows the hacker to assume control of the entire device.

By utilizing the same deceptive download technique—such as the phony Zoom update—the attacker inserts a registry entry that exploits Chrome’s Native Messaging protocol. This creates a direct communication path between the malicious extension and the victim’s computer.

Once this link is secured, the hacker can execute commands on the device, effectively obtaining full dominion. They can:

– Steal confidential information, including passwords, cryptocurrency wallets, and cookies
– Establish backdoors for future access
– Surveillance the victim’s activity by recording audio, capturing screenshots, and even manipulating the webcam
– Alter system settings and install additional malware

—

### **Tips for Safeguarding Yourself**

Browser syncjacking is an exceptionally covert attack, rendering it difficult for users to identify. The most effective way to safeguard yourself is to exercise caution regarding what you download. Only install Chrome extensions from reputable developers and confirm their authenticity before granting permissions.

By remaining alert, you can lessen the likelihood of becoming a victim of this perilous cyberattack.