Top Threats to Chromebooks and ChromeOS

Chromebook on desk guy in background

The popular consensus that Chromebooks and ChromeOS are superior in security among other devices and operating systems can be a dangerous belief that leads to complacency and negligence in implementing proper security measures. Chromebooks may have fewer security problems than other operating systems, but that does not mean there are zero threats to ChromeOS users and their security. This threat becomes increasingly important to consider when we note the popularity of Chromebooks in educational institutions as PC devices for students. 

 

Windows Malware on ChromeOS

Users on a ChromeOS device can still choose to install Windows 10 apps if they choose, which in turn brings Windows’ problems of malware to the ChromeOS user. Although running Windows apps on Chrome devices doesn’t guarantee an attack, it does mean the chances of an attack are greater, and that Chromebook’s promise of not allowing the downloading and launching of executable files, is no longer accurate. One may ask, why would someone download Windows apps on a Chrome device? Easy answer–comfortability. Those that have used Windows machines and Microsoft software for years may feel more comfortable using software they are already familiar with. Data that is stored on proprietary software at this point can now be accessed on a Chromebook by running Windows apps on ChromeOS. According to SentinelOne, older versions of ChromeOS would have offered no chance of downloading Windows apps. Due to the ability to run Linux apps, they can now install a Windows 10 emulator called “Wine”.

 

Malicious Browser Extensions

Browser extensions have long been a problem for software vendors in instances where users mistakenly download malicious software extensions onto their devices. Among the most common malicious browser extensions on ChromeOS, is MagnatExtension, which dates back to 2018. According to Decipher, MagnatExtension is delivered via an executable file with the function of preparing and installing the malicious extension. Once installed, the extension shows up for users as “Google’s Safe Browsing” and acts as if it is examining URLs for unsafe websites. Upon download, MagnatExtension uses several means to steal sensitive information. 

 

Chrome Zero Day Exploits

One of Google’s Chromebooks’ most valuable features is its ability to check and repair the operating system of the device upon reboot. Although a great feature for security, it cannot protect the user against zero-day vulnerabilities that are non-visible to the operating system at that point. 

According to ZDNet, the number of zero-day attacks on Chrome has steadily increased from seven in 2020, to fourteen in 2021. Although Google argued that the uptick in Chrome zero-days might be alarming for some, it may also indicate the company is getting better at catching and fixing them. 

 

Android Apps 

When Chromebooks were first introduced, they were touted as being highly secure because they prevented the most common way for security compromises to occur: the download and execution of executable files. The only problem was that Chromebooks weren’t that useful. Most people’s computing needs extend beyond the reach of the limited, and sometimes clunky, web apps being offered by Google.

Since those days, Chromebooks have gained the ability to download many different kinds of apps, increasing both their utility and their attack surface at the same time. Android apps give Chromebooks more versatility, but Android malware is also extremely common.

As previously mentioned, Chromebooks originally had made a promise to offer more secure devices by not allowing the download or execution of executable files. Although great for cybersecurity, this proved to be a constraint on what many users needed to be able to do on their devices. Due to this problem, Google gave Chromebooks the ability to download all different kinds of apps, making Chromebooks more convenient for users. While Android apps are available for download to users and offer additional convenience, malware on Android applications are also very common. 

According to iTechPost, an increasingly more common Android malware called “MaliBot” pretends to be a Chrome browser and works to steal credentials and cookies and get around multi-factor authentication (MFA) codes. Those who have been targeted most using MaliBot are the clients of Spanish and Italian financial institutions.

 

Securing Your Chromebook

The truth is, no matter the device or software, all computing devices are at risk of compromise. No devices or softwares are completely protected from the risk of compromise one hundred percent of the time. Cybercriminals have successfully hacked every type of device or operating system at one time or another. 

If you’re interested in taking a more secure stance on the security of your devices we’d love to help. AgileBlue offers a 24/7 SOC|XDR platform that is proven to detect indicators of attack across your entire digital infrastructure and cloud before a breach occurs. 

To request a demo, please provide information about yourself using the form below. A member of our team will reach out promptly.

You May Also Like…

Request a Demo

AgileBlue is a software company with an innovative SOC-as-a-Service for 24X7 network monitoring, cloud security, data privacy and compliance.

Our modern SOC-as-a-Service is built on innovative machine learning and autonomous execution. If you would like to discuss our SOC-as-a-Service, Partner Program or schedule a brief demo please give us a little info and we will contact you immediately.