There is a reason why companies like Google are trying to push for more websites to use HTTPS is because it helps to secure your web traffic. It helps to prevent attackers from interfering with the data transferred between the website and your browser. Unfortunately, a report from Kaspersky has revealed that Russian hackers might have found a way to track secure web traffic.
How this works is that these hackers patch locally installed web browsers like Chrome and Firefox, which in turn modifies how the browser runs. This means that through these modifications, even with the use of HTTPS, it will “fingerprint” the victim, which in turn will allow them to track users across websites.
However, oddly enough, it seems that this wasn’t done to break the encryption on websites, but rather to act as a secondary surveillance tool. This is done in the event that the user somehow discovers the original trojan and removes it from their computer, thus allowing the hackers to continue spying on the user’s activities.
The only way to actually remove it completely would be to do a fresh install of the browser, which not many people might think of doing. So far, the intended targets are located in Russia and Belarus where it is believed that it is done to snoop on political targets and dissidents.
Filed in Chrome, Firefox, Google, Hack, Mozilla, Privacy and Security. Source: securelist. Read more about