Many hackers won’t touch web browsers beyondexploiting their vulnerabilities, but one group is taking things one step further. Kaspersky hasdetailedattempts by a Russian group, Turla, to fingerprint TLS-encrypted web traffic by modifying Chrome and Firefox. The team first infects systems with a remote access trojan and uses that to modify the browsers, starting with installing their own certificates (to intercept TLS traffic from the host) and then patching the pseudo-random number generation that negotiates TLS connections. That lets them add a fingerprint to every TLS action and passively track encrypted traffic.
GIPHY App Key not set. Please check settings