Attackers Keen on Automated Browsers
Infosecurity Magazine | November 29, 2018
Google Chrome has long been a popular web browser, but since the introduction of the headless mode functionality, the browser has grow in popularity not only among software engineers and testers but also with attackers, according to Imperva. According to recently published research, "Headless Chrome: DevOps Love It, So Do Hackers, Here’s Why," the headless technique has grown more popular, particularly since Chrome introduced the functionality last year. Additionally, malicious actors are using the technique to target specific sites and exploit newly released vulnerabilities. When Chrome is running without its “head," or GUI, the latest full version of the Chrome browser is executed with the added perk of being able to control it programmatically on servers without dedicated graphics or display.