Sneaky Extensions The MV3 Escape Artists
Vivek Ramachandran, Shourya Pratap Singh
DEF CON 32 Creator Stage · Day 1 · Creator Stage
In "Sneaky Extensions: The MV3 Escape Artists," Vivek Ramachandran and Shourya Pratap Singh deliver a sobering assessment of the pervasive and often underestimated threat posed by malicious browser extensions. The talk, presented at DEF CON 32, delves into the mechanics of how these extensions exploit browser architecture and user trust, even within the confines of Chrome's Manifest V3 (MV3) security model. The speakers, both from browser-native security company Square X, highlight that despite common misconceptions, official browser stores like the Chrome Web Store offer only superficial security checks, leaving millions of users vulnerable to sophisticated attacks.