It is a classic supply-chain attack. The same modality is used by gamers to sell off their high-level characters, and social media accounts do "switcheroos" on posts, Pages, and Groups all the time.
You know, a lot of consumer cybersecurity focuses on malware, browser security, LAN services, but I propose that the new frontier of breaches involves browser extensions, "cloud integrations", and "app access" granted from accounts.
If I gave permission for Joe Random Developer's app to read, write, and delete everything in Gmail and Google Drive, that just set me up for ransomware or worse. Without a trace on any local OS. A virus scanner will never catch such attacks. The "Security Checkup" processes are slow and arduous. I often find myself laboriously revoking access and signing out obsolete sessions, one by one by one. There has got to be a better way.
If you buy someone's old gaming account (Steam for example) with many years of activity, you can appear more legitimate when trading, therefore making it easier for people to trust you and fall victim to your scam(s).
I think he was just saying that it is a similar business to that. Just drawing a comparison that there is a market like selling video game accounts. Also, usually people who cheat in games will buy high-level accounts because they will be banned much faster if they start playing with new accounts for cheats. This happens in some of the games I play all the time.
Companies spend a fortune on endpoint security and then let employees install random Chrome extensions with full page access. I've seen AWS console sessions running in browsers with a dozen extensions nobody's ever audited. The extension store is basically a supply chain attack marketplace at this point.
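An added example, not part of the thread or any commenter's code: a minimal Python audit for the "full page access" problem raised in the comment above. It reads Chrome extension manifests and flags those that request every-site host patterns; the sample manifests, extension names and the sensitive-API shortlist are constructed for illustration.

```python
# Host match patterns that let an extension read and modify every page.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions worth a manual review (shortlist chosen for this example).
SENSITIVE_APIS = {"cookies", "webRequest", "debugger", "history", "scripting"}


def audit_manifest(manifest: dict) -> dict:
    """Summarise the broad host access and sensitive APIs a manifest requests."""
    # Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
    requested = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    requested += manifest.get("host_permissions", [])
    # Content scripts are injected into every page matching these patterns.
    injected = [m for cs in manifest.get("content_scripts", [])
                for m in cs.get("matches", [])]
    broad = sorted({p for p in requested + injected if p in BROAD_HOSTS})
    return {
        "name": manifest.get("name", "?"),
        "full_page_access": bool(broad),
        "broad_hosts": broad,
        "sensitive_apis": sorted(set(requested) & SENSITIVE_APIS),
    }


def flagged(manifests: list) -> list:
    """Return audit results only for extensions with access to every site."""
    results = [audit_manifest(m) for m in manifests]
    return [r for r in results if r["full_page_access"]]


# Constructed sample manifests (hypothetical extensions, not real products).
SAMPLES = [
    {"manifest_version": 3, "name": "Coupon Helper",
     "permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]},
    {"manifest_version": 2, "name": "Docs Exporter",
     "permissions": ["storage", "https://example.com/*"]},
    {"manifest_version": 3, "name": "Dark Theme", "permissions": ["storage"],
     "content_scripts": [{"matches": ["*://*/*"], "js": ["theme.js"]}]},
]

if __name__ == "__main__":
    for result in flagged(SAMPLES):
        print(f'{result["name"]}: hosts={result["broad_hosts"]} '
              f'apis={result["sensitive_apis"]}')
```

On a real machine the same function can be fed each installed extension's `manifest.json` loaded with `json.load`.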