diff --git a/Core/build.xml b/Core/build.xml
index b9bad62858..ee1701a48d 100644
--- a/Core/build.xml
+++ b/Core/build.xml
@@ -138,8 +138,8 @@
-
+
release/modules/ext/spotbugs-annotations-4.6.0.jar
- ext/sqlite-jdbc-3.36.0.3.jar
- release/modules/ext/sqlite-jdbc-3.36.0.3.jar
+ ext/sqlite-jdbc-3.42.0.0.jar
+ release/modules/ext/sqlite-jdbc-3.42.0.0.jar
ext/txw2-2.3.3.jar
diff --git a/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java b/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java
index f15dcd1692..1b022d069f 100644
--- a/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java
+++ b/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java
@@ -1378,7 +1378,7 @@ public class PortableCaseReportModule implements ReportModule {
}
try {
- OsAccountRealm newRealm = newRealmManager.newWindowsRealm(oldRealm.getRealmAddr().orElse(null), realmName, newHost, oldRealm.getScope());
+ OsAccountRealm newRealm = newRealmManager.newWindowsRealm(oldOsAccount.getAddr().orElse(null), realmName, newHost, oldRealm.getScope());
oldRealmIdToNewRealm.put(oldOsAccount.getRealmId(), newRealm);
} catch (NotUserSIDException ex) {
throw new TskCoreException("Failed to copy OsAccountRealm with ID=" + oldOsAccount.getRealmId(), ex);
diff --git a/ImageGallery/nbproject/project.properties b/ImageGallery/nbproject/project.properties
index 3ae24ff4ac..d9bd5f605c 100644
--- a/ImageGallery/nbproject/project.properties
+++ b/ImageGallery/nbproject/project.properties
@@ -1,4 +1,4 @@
-file.reference.sqlite-jdbc-3.36.0.3.jar=release/modules/ext/sqlite-jdbc-3.36.0.3.jar
+file.reference.sqlite-jdbc-3.42.0.0.jar=release/modules/ext/sqlite-jdbc-3.42.0.0.jar
javac.source=17
javac.compilerargs=-Xlint -Xlint:-serial
license.file=LICENSE-2.0.txt
diff --git a/ImageGallery/nbproject/project.xml b/ImageGallery/nbproject/project.xml
index 18ec9ec6a1..7a505d2ea6 100644
--- a/ImageGallery/nbproject/project.xml
+++ b/ImageGallery/nbproject/project.xml
@@ -142,8 +142,8 @@
- ext/sqlite-jdbc-3.36.0.3.jar
- release/modules/ext/sqlite-jdbc-3.36.0.3.jar
+ ext/sqlite-jdbc-3.42.0.0.jar
+ release/modules/ext/sqlite-jdbc-3.42.0.0.jar
diff --git a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Server.java b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Server.java
index 7d68bcbf3f..d54d6964dd 100644
--- a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Server.java
+++ b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Server.java
@@ -2513,11 +2513,29 @@ public class Server {
* @throws SolrServerException
*/
private int queryNumFileChunks(long contentID) throws SolrServerException, IOException {
- String id = KeywordSearchUtil.escapeLuceneQuery(Long.toString(contentID));
- final SolrQuery q
- = new SolrQuery(Server.Schema.ID + ":" + id + Server.CHUNK_ID_SEPARATOR + "*");
- q.setRows(0);
- return (int) query(q).getResults().getNumFound();
+ final SolrQuery q = new SolrQuery();
+ q.setQuery("*:*");
+ String filterQuery = Schema.ID.toString() + ":" + KeywordSearchUtil.escapeLuceneQuery(Long.toString(contentID));
+ q.addFilterQuery(filterQuery);
+ q.setFields(Schema.NUM_CHUNKS.toString());
+ try {
+ SolrDocumentList solrDocuments = query(q).getResults();
+ if (!solrDocuments.isEmpty()) {
+ SolrDocument solrDocument = solrDocuments.get(0);
+ if (solrDocument != null) {
+ Object fieldValue = solrDocument.getFieldValue(Schema.NUM_CHUNKS.toString());
+ return (Integer)fieldValue;
+ }
+ }
+ } catch (Exception ex) {
+ // intentional "catch all" as Solr is known to throw all kinds of Runtime exceptions
+ logger.log(Level.SEVERE, "Error getting content from Solr. Solr document id " + contentID + ", query: " + filterQuery, ex); //NON-NLS
+ return 0;
+ }
+
+ // ERROR: we should never get here
+ logger.log(Level.SEVERE, "Error getting content from Solr. Solr document id " + contentID + ", query: " + filterQuery); //NON-NLS
+ return 0;
}
}
diff --git a/RecentActivity/nbproject/project.properties b/RecentActivity/nbproject/project.properties
index d7078e6616..1727284eb3 100644
--- a/RecentActivity/nbproject/project.properties
+++ b/RecentActivity/nbproject/project.properties
@@ -1,6 +1,6 @@
javac.source=17
file.reference.Rejistry-1.1-SNAPSHOT.jar=release/modules/ext/Rejistry-1.1-SNAPSHOT.jar
-file.reference.sqlite-jdbc-3.36.0.3.jar=release/modules/ext/sqlite-jdbc-3.36.0.3.jar
+file.reference.sqlite-jdbc-3.42.0.0.jar=release/modules/ext/sqlite-jdbc-3.42.0.0.jar
javac.compilerargs=-Xlint -Xlint:-serial
license.file=../LICENSE-2.0.txt
nbm.homepage=http://www.sleuthkit.org/autopsy/
diff --git a/RecentActivity/nbproject/project.xml b/RecentActivity/nbproject/project.xml
index a9b830a4cd..bf1d1df30b 100644
--- a/RecentActivity/nbproject/project.xml
+++ b/RecentActivity/nbproject/project.xml
@@ -88,8 +88,8 @@
release/modules/ext/Rejistry-1.1-SNAPSHOT.jar
- ext/sqlite-jdbc-3.36.0.3.jar
- release/modules/ext/sqlite-jdbc-3.36.0.3.jar
+ ext/sqlite-jdbc-3.42.0.0.jar
+ release/modules/ext/sqlite-jdbc-3.42.0.0.jar
diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java
index f34b265442..7f1449c609 100644
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java
@@ -29,6 +29,7 @@ import com.google.gson.JsonIOException;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
+import java.io.BufferedReader;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.datamodel.ContentUtils;
import java.util.logging.Level;
@@ -51,6 +52,7 @@ import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
import org.sleuthkit.autopsy.casemodule.services.FileManager;
import org.sleuthkit.autopsy.coreutils.Logger;
import org.sleuthkit.autopsy.coreutils.NetworkUtils;
+import org.sleuthkit.autopsy.coreutils.PlatformUtil;
import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress;
import org.sleuthkit.autopsy.ingest.IngestJobContext;
import org.sleuthkit.datamodel.AbstractFile;
@@ -105,10 +107,14 @@ class Chromium extends Extract {
private static final String FAVICON_ARTIFACT_NAME = "TSK_FAVICON"; //NON-NLS
private static final String LOCAL_STATE_ARTIFACT_NAME = "TSK_LOCAL_STATE"; //NON-NLS
private static final String EXTENSIONS_ARTIFACT_NAME = "TSK_CHROME_EXTENSIONS"; //NON-NLS
-
+ private static final String MALICIOUS_EXTENSION_FOUND = "Malicious Extension Found - ";
+
private Boolean databaseEncrypted = false;
private Boolean fieldEncrypted = false;
+ private static final String MALICIOUS_CHROME_EXTENSION_LIST = "malicious_chrome_extensions.csv";
+ private Map maliciousChromeExtensions;
+
private final Logger logger = Logger.getLogger(this.getClass().getName());
private Content dataSource;
private final IngestJobContext context;
@@ -154,7 +160,8 @@ class Chromium extends Extract {
this.dataSource = dataSource;
dataFound = false;
long ingestJobId = context.getJobId();
-
+ String now1 = "";
+ loadMaliciousChromeExetnsions();
userProfiles = new HashMap<>();
browserLocations = new HashMap<>();
for (Map.Entry browser : BROWSERS_MAP.entrySet()) {
@@ -607,10 +614,16 @@ class Chromium extends Extract {
version = "";
description = "";
extName = "";
- }
+ }
+ BlackboardArtifact art = null;
Collection bbattributes = new ArrayList<>();
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ID,
RecentActivityExtracterModuleFactory.getModuleName(), extension));
+ if (maliciousChromeExtensions.get(extension) != null) {
+ bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_COMMENT,
+ RecentActivityExtracterModuleFactory.getModuleName(),
+ MALICIOUS_EXTENSION_FOUND + maliciousChromeExtensions.getOrDefault(extension, "No Source Identified")));
+ }
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME,
RecentActivityExtracterModuleFactory.getModuleName(), extName));
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DESCRIPTION,
@@ -627,11 +640,11 @@ class Chromium extends Extract {
RecentActivityExtracterModuleFactory.getModuleName(), browserName));
try {
- bbartifacts.add(createArtifactWithAttributes(localStateArtifactType, extensionFile, bbattributes));
+ art = createArtifactWithAttributes(localStateArtifactType, extensionFile, bbattributes);
+ bbartifacts.add(art);
} catch (TskCoreException ex) {
logger.log(Level.SEVERE, String.format("Failed to create Extension artifact for file (%d)", extensionFile.getId()), ex);
}
-
}
if (!context.dataSourceIngestIsCancelled()) {
@@ -1674,4 +1687,35 @@ class Chromium extends Extract {
return faviconArtifactType;
}
+ /**
+ * Load the malicious chrome extension file to check
+ */
+ private void loadMaliciousChromeExetnsions() {
+ maliciousChromeExtensions = new HashMap<>();
+ try {
+ configExtractor();
+ String malChromeExtenList = PlatformUtil.getUserConfigDirectory() + File.separator + MALICIOUS_CHROME_EXTENSION_LIST;
+ BufferedReader csvReader = new BufferedReader(new FileReader(malChromeExtenList));
+ String row;
+ while ((row = csvReader.readLine()) != null) {
+ if (!row.startsWith("#", 0)) {
+ String[] data = row.split(",");
+ maliciousChromeExtensions.put(data[0], data[1]);
+ }
+ }
+ } catch (IOException ex) {
+ logger.log(Level.SEVERE, String.format("Failed to load Malicious Chrome Extension List file (%s)", MALICIOUS_CHROME_EXTENSION_LIST), ex);
+ }
+ }
+
+ /**
+ * Extract the malicious chrome extension config csv file to the user directory to process
+ *
+ * @throws org.sleuthkit.autopsy.ingest.IngestModule.IngestModuleException
+ */
+ private void configExtractor() throws IOException {
+ PlatformUtil.extractResourceToUserConfigDir(Chromium.class,
+ MALICIOUS_CHROME_EXTENSION_LIST, true);
+ }
+
}
diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java
index 8630ecf09b..d492631ffe 100644
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java
@@ -413,6 +413,7 @@ class ExtractIE extends Extract {
logger.log(Level.INFO, "Writing pasco results to: {0}", outputFileFullPath); //NON-NLS
List commandLine = new ArrayList<>();
commandLine.add(JAVA_PATH);
+ commandLine.add("--add-exports=java.xml/com.sun.org.apache.xalan.internal.xsltc.dom=ALL-UNNAMED");
commandLine.add("-cp"); //NON-NLS
commandLine.add(PASCO_LIB_PATH);
commandLine.add("isi.pasco2.Main"); //NON-NLS
diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/malicious_chrome_extensions.csv b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/malicious_chrome_extensions.csv
new file mode 100644
index 0000000000..6459ce134c
--- /dev/null
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/malicious_chrome_extensions.csv
@@ -0,0 +1,336 @@
+# Detection Rule License (DRL) 1.1
+#
+# https://github.com/randomaccess3/detections
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of this rule set and associated documentation files (the "Rules"),
+# to deal in the Rules without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Rules, and to permit persons to whom the Rules are furnished to do so, subject to the following conditions:
+#
+# If you share the Rules (including in modified form), you must retain the following if it is supplied within the Rules:
+#
+# 1. identification of the authors(s) ("author" field) of the Rule and any others designated to receive attribution, in any reasonable manner requested by the Rule author (including by pseudonym if designated).
+#
+# 2. a URI or hyperlink to the Rule set or explicit Rule to the extent reasonably practicable
+#
+# 3. indicate the Rules are licensed under this Detection Rule License, and include the text of, or the URI or hyperlink to, this Detection Rule License to the extent reasonably practicable
+#
+# If you use the Rules (including in modified form) on data, messages based on matches with the Rules must retain the following if it is
+# supplied within the Rules:
+#
+# 1. identification of the authors(s) ("author" field) of the Rule and any others designated to receive attribution, in any reasonable manner
+# requested by the Rule author (including by pseudonym if designated).
+#
+# THE RULES ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE RULES OR THE USE OR OTHER
+# DEALINGS IN THE RULES.
+extensionID,reference
+bgbeocleofdgkldamjapfgcglnmhmjgb,"https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/chrome-extensions-malicious-domains-used-to-steal-user-data"
+ncjbeingokdeimlmolagjaddccfdlkbd,"https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/chrome-extensions-malicious-domains-used-to-steal-user-data"
+cflijgpldfbmdijnkeoadcjpfgokoeck,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+ciiobgcookficfhfccnjfcdmhekiadje,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+cpdngajmgfolfjhnccalanfegdiebmbm,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+dfehheanbnmfndkffgmdaeindpjnicpi,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+djdcfiocijfjponepmbbdmbeblofhfff,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+epcdjnnpcbidnlehlklebmdijbjleefc,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+fichcldcnidefpllcpcpmnjipcdafjjl,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+fkacpajnbmglejpdaaeafjafjeleacnj,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+flhahaabnnkoccijodlhobjfchcchgjd,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+hadebekepjnjbcmpiphpecnibbfgonni,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+ijbcfkkcifjgnikfcmbdfbddcgjdmgga,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+iogkcdbmgbhoelodlobknifhlkljiepm,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+lamaflkhfcmnjcfkcolgmmlpajfholja,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+lepjcehmlpfdgholbejebidnnkkannpl,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+ljnppgaebjnbbahgmjajfbcoabdpopfb,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+llfdfhfdkdpkphlddncfjmajiciboanf,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+loiloamappomjnanlieaipcmlpmmolkg,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+mfdcjdgkcepgfcfgbadbekokbnlifbko,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+mgkmlkgpnffmhhfallpoknfmmkdkfejp,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+ndhhhgoicnabjcgnamebnbdgkpobbljm,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+njmjfnbhppmkpbbcfloagfmfokbokjgo,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+nofdiclilfkicekdajkiaieafeciemlh,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+pdfakgkkbagclonnhakillpkhoalfeef,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+pdlfbopkggkgdmgkejgjgnbdbmfcnfjn,"https://www.catonetworks.com/blog/threat-intelligence-feeds-and-endpoint-protection-systems-fail-to-detect-24-malicious-chrome-extensions/"
+aaeohfpkhojgdhocdfpkdaffbehjbmmd,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+abghmipjfclfpgmmelbgolfgmhnigbma,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+abjbfhcehjndcpbiiagdnlfolkbfblpb,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+almfnpjmjpnknlgpipillhfmchjikkno,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+bbjilncoookdcjjnkcdaofiollndepla,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+bblkckhknhmalchbceidkmjalmcmnkfa,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+blcfpeooekoekehdpbikibeblpjlehlh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+dajgdhiemoaecngkpliephmheifopmjb,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+dcbfmglfdlgpnolgdjoioeocllioebpe,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ddenjpheppdmfimooolgihimdgpilhfo,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+dealfjgnmkibkcldkcpbikenmajlglmc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+dehhfjanlmglmabomenmpjnnopigplae,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+dibjpjiifnahccnokciamjlfgdlgimmn,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+eeacchjlmkcleifpppcjbmahcnlihamj,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+eebbihndkbkejmlgfoofigacgicamfha,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ehibgcefkpbfkklbpahilhicidnhiboc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ekijhekekfckmkmbemiijdkihdibnbgh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+emkkigmmpfbjmikfadmfeebomholoikg,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+eogoljjmndnjfikmcbmopmlhjnhbmdda,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+eohnfgagodblipmmalphhfepaonpnjgk,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+faopefnnleiebimhkldlplkgkjpbmcea,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+fdbmoflclpmkmeobidcgmfamkicinnlg,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+fekjbjbbdopogpamkmdjpjicapclgamj,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+fhkmacopackahlbnpcfijgphgoimpggb,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+fjclfmhapndgeabdcikbhemimpijpnah,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+fkllfgoempnigpogkgkgmghkchmjcjni,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gbkmkgfjngebdcpklbkeccelcjaobblk,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gdnkjjhpffldmfljpbfemliidkeeecdj,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gelcjfdfebnabkielednfoogpbhdeoai,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gjammdgdlgmoidmdfoefkeklnhmllpjp,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gkemhapalomnipjhminflfhjcjehjhmp,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gmljddfeipofcffbhhcpohkegndieeab,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+gpaaalbnkccgmmbkendiciheljgpdhob,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+icolkoeolaodpjogekifcidcdbgbdobc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+iggmbfojpkfikoahlfghaalpbpkhfohc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+igpcgjcdhmdjhdlgoncfnpkdipanlida,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ilcbbngkolbclhlildojhgjdbkkehfia,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jaehldonmiabhfohkenmlimnceapgpnp,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jdoaaldnifinadckcbfkbiekgaebkeif,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jepocknhdcgdmbiodbpopcbjnlgecdhf,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jfnlkmaledafkdhdokgnhlcmeamakham,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jmbmildjdmppofnohldicmnkojfhggmb,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+jpnamljnefhpbpcofcbonjjjkmfjbhdp,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+kdkpllchojjkbgephbbeacaahecgfpga,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+lebmkjafnodbnhbahbgdollaaabcmpbh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+lgljionbhcfbnpjgfnhhoadpdngkmfnh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+lhfibgclamcffnddoicjmoopmgomknmb,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+lidnmohoigekohfmdpopgcpigjkpemll,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+lojgkcienjoiogbfkbjiidpfnabhkckf,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+looclnmoilplejheganiloofamfilbcd,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+mjchijabihjkhmmaaihpgmhkklgakinl,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+nchdkdaknojhpimbfbejfcdnmjfbllhj,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+nfhpojfdhcdmimokleagkdcbkmcgfjkh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+nlhocomjnfjedielocojomgfldbjmdjj,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+oanbpfkcehelcjjipodkaafialmfejmi,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+obbfndpanmiplgfcbeonoocobbnjdmdc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+obcfkcpejehknjdollnafpebkcpkklbl,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+obmbmalbahpfbckpcfbipooimkldgphm,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ocifcogajbgikalbpphmoedjlcfjkhgh,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+oehimkphpeeeneindfeekidpmkpffkgc,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ofdfbeanbffehepagohhengmjnhlkich,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ofpihhkeakgnnbkmcoifjkkhnllddbld,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ogjfhmgoalinegalajpmjoliipdibhdm,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+ojofdaokgfdlbeomlelkiiipkocneien,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+opooaebceonakifaacigffdhogdgfadg,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+peglehonblabfemopkgmfcpofbchegcl,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+pjjghngpidphgicpgdebpmdgdicepege,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+pjpjefgijnjlhgegceegmpecklonpdjp,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+pmhlkgkblgeeigiegkmacefjoflennbn,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+pnhjnmacgahapmnnifmneapinilajfol,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+poppendnaoonepbkmjejdfebihohaalo,"https://duo.com/labs/research/crxcavator-malvertising-2020"
+acdfdofofabmipgcolilkfhnpoclgpdd,"https://github.com/mallorybowes/chrome-mal-ids"
+aemaecahdckfllfldhgimjhdgiaahean,"https://github.com/mallorybowes/chrome-mal-ids"
+akdbogfpgohikflhccclloneidjkogog,"https://github.com/mallorybowes/chrome-mal-ids"
+aoeacblfmdamdejeiaepojbhohhkmkjh,"https://github.com/mallorybowes/chrome-mal-ids"
+aonedlchkbicmhepimiahfalheedjgbh,"https://github.com/mallorybowes/chrome-mal-ids"
+bhcpgfhiobcpokfpdahijhnipenkplji,"https://github.com/mallorybowes/chrome-mal-ids"
+bhfoemlllidnfefgkeaeocnageepbael,"https://github.com/mallorybowes/chrome-mal-ids"
+bmcnncbmipphlkdmgfbipbanmmfdamkd,"https://github.com/mallorybowes/chrome-mal-ids"
+ceoldlgkhdbnnmojajjgfapagjccblib,"https://github.com/mallorybowes/chrome-mal-ids"
+cgpbghdbejagejmciefmekcklikpoeel,"https://github.com/mallorybowes/chrome-mal-ids"
+chmaijbnjdnkjknoigffoohjhpejjppd,"https://github.com/mallorybowes/chrome-mal-ids"
+cjmpdadldchjmljhkigoeejegmghaabp,"https://github.com/mallorybowes/chrome-mal-ids"
+dambkkeeabmnhelekdekfmabnckghdih,"https://github.com/mallorybowes/chrome-mal-ids"
+dgjmdlifhbljhmgkjbojeejmeeplapej,"https://github.com/mallorybowes/chrome-mal-ids"
+dljdbmkffjijepjnkonndbdiakjfdcic,"https://github.com/mallorybowes/chrome-mal-ids"
+dppilebghcniomddkpphiminideiajff,"https://github.com/mallorybowes/chrome-mal-ids"
+eikbfklcjampfnmclhjeifbmfkpkfpbn,"https://github.com/mallorybowes/chrome-mal-ids"
+ejfajpmpabphhkcacijnhggimhelopfg,"https://github.com/mallorybowes/chrome-mal-ids"
+emechknidkghbpiodihlodkhnljplpjm,"https://github.com/mallorybowes/chrome-mal-ids"
+eoeoincjhpflnpdaiemgbboknhkblome,"https://github.com/mallorybowes/chrome-mal-ids"
+fbhbpnjkpcdmcgcpfilooccjgemlkinn,"https://github.com/mallorybowes/chrome-mal-ids"
+fgaapohcdolaiaijobecfleiohcfhdfb,"https://github.com/mallorybowes/chrome-mal-ids"
+fmfjhicbjecfchfmpelfnifijeigelme,"https://github.com/mallorybowes/chrome-mal-ids"
+gfjocjagfinihkkaahliainflifnlnfc,"https://github.com/mallorybowes/chrome-mal-ids"
+glgemekgfjppocilabhlcbngobillcgf,"https://github.com/mallorybowes/chrome-mal-ids"
+hajlccgbgjdcjaommiffaphjdndpjcio,"https://github.com/mallorybowes/chrome-mal-ids"
+hdbipekpdpggjaipompnomhccfemaljm,"https://github.com/mallorybowes/chrome-mal-ids"
+ibehiiilehaakkhkigckfjfknboalpbe,"https://github.com/mallorybowes/chrome-mal-ids"
+ickfamnaffmfjgecbbnhecdnmjknblic,"https://github.com/mallorybowes/chrome-mal-ids"
+iibnodnghffmdcebaglfgnfkgemcbchf,"https://github.com/mallorybowes/chrome-mal-ids"
+inlgdellfblpplcogjfedlhjnpgafnia,"https://github.com/mallorybowes/chrome-mal-ids"
+jhcfnojahmdghhebdaoijngclknfkbjn,"https://github.com/mallorybowes/chrome-mal-ids"
+jlkfgpiicpnlbmmmpkpdjkkdolgomhmb,"https://github.com/mallorybowes/chrome-mal-ids"
+klbibkeccnjlkjkiokjodocebajanakg,"https://github.com/mallorybowes/chrome-mal-ids"
+klejifgmmnkgejbhgmpgajemhlnijlib,"https://github.com/mallorybowes/chrome-mal-ids"
+klmjcelobglnhnbfpmlbgnoeippfhhil,"https://github.com/mallorybowes/chrome-mal-ids"
+lalpacfpfnobgdkbbpggecolckiffhoi,"https://github.com/mallorybowes/chrome-mal-ids"
+ldbfffpdfgghehkkckifnjhoncdgjkib,"https://github.com/mallorybowes/chrome-mal-ids"
+lfedlgnabjompjngkpddclhgcmeklana,"https://github.com/mallorybowes/chrome-mal-ids"
+lgjogljbnbfjcaigalbhiagkboajmkkj,"https://github.com/mallorybowes/chrome-mal-ids"
+lmcajpniijhhhpcnhleibgiehhicjlnk,"https://github.com/mallorybowes/chrome-mal-ids"
+lnocaphbapmclliacmbbggnfnjojbjgf,"https://github.com/mallorybowes/chrome-mal-ids"
+mbacbcfdfaapbcnlnbmciiaakomhkbkb,"https://github.com/mallorybowes/chrome-mal-ids"
+mdnmhbnbebabimcjggckeoibchhckemm,"https://github.com/mallorybowes/chrome-mal-ids"
+mdpgppkombninhkfhaggckdmencplhmg,"https://github.com/mallorybowes/chrome-mal-ids"
+mdpljndcmbeikfnlflcggaipgnhiedbl,"https://github.com/mallorybowes/chrome-mal-ids"
+miejmllodobdobgjbeonandkjhnhpjbn,"https://github.com/mallorybowes/chrome-mal-ids"
+mnafnfdagggclnaggnjajohakfbppaih,"https://github.com/mallorybowes/chrome-mal-ids"
+napifgkjbjeodgmfjmgncljmnmdefpbf,"https://github.com/mallorybowes/chrome-mal-ids"
+nilbfjdbacfdodpbdondbbkmoigehodg,"https://github.com/mallorybowes/chrome-mal-ids"
+njdkgjbjmdceaibhngelkkloceihelle,"https://github.com/mallorybowes/chrome-mal-ids"
+npdpplbicnmpoigidfdjadamgfkilaak,"https://github.com/mallorybowes/chrome-mal-ids"
+ojmbbkdflpfjdceflikpkbbmmbfagglg,"https://github.com/mallorybowes/chrome-mal-ids"
+oknpgmaeedlbdichgaghebhiknmghffa,"https://github.com/mallorybowes/chrome-mal-ids"
+olkpikmlhoaojbbmmpejnimiglejmboe,"https://github.com/mallorybowes/chrome-mal-ids"
+onbkopaoemachfglhlpomhbpofepfpom,"https://github.com/mallorybowes/chrome-mal-ids"
+oobppndjaabcidladjeehddkgkccfcpn,"https://github.com/mallorybowes/chrome-mal-ids"
+pcaaejaejpolbbchlmbdjfiggojefllp,"https://github.com/mallorybowes/chrome-mal-ids"
+pccfaccnfkjmdlkollpiaialndbieibj,"https://github.com/mallorybowes/chrome-mal-ids"
+pfnmibjifkhhblmdmaocfohebdpfppkf,"https://github.com/mallorybowes/chrome-mal-ids"
+pgjndpcilbcanlnhhjmhjalilcmoicjc,"https://github.com/mallorybowes/chrome-mal-ids"
+phoehhafolaebdpimmbmlofmeibdkckp,"https://github.com/mallorybowes/chrome-mal-ids"
+aeocankoflefcaiabdkdjkenofcpjagb,"https://github.com/uku/malicious-chrome-extensions"
+alddjbjplgobbllfolehibiclbhmomla,"https://github.com/uku/malicious-chrome-extensions"
+emmoddikhgncnaikamapbkggedoafomi,"https://github.com/uku/malicious-chrome-extensions"
+fmakoabecaggdofhohcdjiaifnkmpldj,"https://github.com/uku/malicious-chrome-extensions"
+gighmmpiobklfepjocnamgkkbiglidom,"https://blog.avast.com/greedy-cybercriminals-host-malware-on-github"
+acmnokigkgihogfbeooklgemindnbine,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+apgohnlmnmkblgfplgnlmkjcpocgfomp,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+apjnadhmhgdobcdanndaphcpmnjbnfng,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+bahkljhhdeciiaodlkppoonappfnheoi,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+bannaglhmenocdjcmlkhkcciioaepfpj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+bgffinjklipdhacmidehoncomokcmjmh,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+bifdhahddjbdbjmiekcnmeiffabcfjgh,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+bjpknhldlbknoidifkjnnkpginjgkgnm,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+blngdeeenccpfjbkolalandfmiinhkak,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ccdfhjebekpopcelcfkpgagbehppkadi,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+cceejgojinihpakmciijfdgafhpchigo,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+cebjhmljaodmgmcaecenghhikkjdfabo,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+chbpnonhcgdbcpicacolalkgjlcjkbbd,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+cifafogcmckphmnbeipgkpfbjphmajbc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+clopbiaijcfolfmjebjinippgmdkkppj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+cpgoblgcfemdmaolmfhpoifikehgbjbf,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+dcmjopnlojhkngkmagminjbiahokmfig,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+deiiiklocnibjflinkfmefpofgcfhdga,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+dipecofobdcjnpffbkmfkdbfmjfjfgmn,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+dopkmmcoegcjggfanajnindneifffpck,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+dopmojabcdlfbnppmjeaajclohofnbol,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+edcepmkpdojmciieeijebkodahjfliif,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ekbecnhekcpbfgdchfjcfmnocdfpcanj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+elflophcopcglipligoibfejllmndhmp,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+eogfeijdemimhpfhlpjoifeckijeejkc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fcobokliblbalmjmahdebcdalglnieii,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fgafnjobnempajahhgebbbpkpegcdlbf,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fgcomdacecoimaejookmlcfogngmfmli,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fgmeppijnhhafacemgoocgelcflipnfd,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fhanjgcjamaagccdkanegeefdpdkeban,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+flfkimeelfnpapcgmobfgfifhackkend,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fmahbaepkpdimfcjpopjklankbbhdobk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+foebfmkeamadbhjcdglihfijdaohomlm,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+fpngnlpmkfkhodklbljnncdcmkiopide,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gdifegeihkihjbkkgdijkcpkjekoicbl,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gfcmbgjehfhemioddkpcipehdfnjmief,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gfdefkjpjdbiiclhimebabkmclmiiegk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ggijmaajgdkdijomfipnpdfijcnodpip,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ghgjhnkjohlnmngbniijbkidigifekaa,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gllihgnfnbpdmnppfjdlkciijkddfohn,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gmmohhcojdhgbjjahhpkfhbapgcfgfne,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+gofhadkfcffpjdbonbladicjdbkpickk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+hapicipmkalhnklammmfdblkngahelln,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+hijipblimhboccjcnnjnjelcdmceeafa,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+hmamdkecijcegebmhndhcihjjkndbjgk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+hodfejbmfdhcgolcglcojkpfdjjdepji,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+hpfijbjnmddglpmogpaeofdbehkpball,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ianfonfnhjeidghdegbkbbjgliiciiic,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ibfjiddieiljjjccjemgnoopkpmpniej,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+inhdgbalcopmbpjfincjponejamhaeop,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+iondldgmpaoekbgabgconiajpbkebkin,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ipagcbjbgailmjeaojmpiddflpbgjngl,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jagbooldjnemiedoagckjomjegkopfno,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jdheollkkpfglhohnpgkonecdealeebn,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jfefcmidfkpncdkjkkghhmjkafanhiam,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jfgkpeobcmjlocjpfgocelimhppdmigj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jghiljaagglmcdeopnjkfhcikjnddhhc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jgjakaebbliafihodjhpkpankimhckdf,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jiiinmeiedloeiabcgkdcbbpfelmbaff,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jkdngiblfdmfjhiahibnnhcjncehcgab,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+jkofpdjclecgjcfomkaajhhmmhnninia,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+kbdbmddhlgckaggdapibpihadohhelao,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+keceijnpfmmlnebgnkhojinbkopolaom,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+khhemdcdllgomlbleegjdpbeflgbomcj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+kjdcopljcgiekkmjhinmcpioncofoclg,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+kjgaljeofmfgjfipajjeeflbknekghma,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+labpefoeghdmpbfijhnnejdmnjccgplc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lameokaalbmnhgapanlloeichlbjloak,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lbeekfefglldjjenkaekhnogoplpmfin,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lbhddhdfbcdcfbbbmimncbakkjobaedh,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ldoiiiffclpggehajofeffljablcodif,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lhjdepbplpkgmghgiphdjpnagpmhijbg,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ljddilebjpmmomoppeemckhpilhmoaok,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ljnfpiodfojmjfbiechgkbkhikfbknjc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lnedcnepmplnjmfdiclhbfhneconamoj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lnlkgfpceclfhomgocnnenmadlhanghf,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+loigeafmbglngofpkkddgobapkkcaena,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+lpajppfbbiafpmbeompbinpigbemekcg,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+majekhlfhmeeplofdolkddbecmgjgplm,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mapafdeimlgplbahigmhneiibemhgcnc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mcfeaailfhmpdphgnheboncfiikfkenn,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mgkjakldpclhkfadefnoncnjkiaffpkp,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mhinpnedhapjlbgnhcifjdkklbeefbpa,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mihiainclhehjnklijgpokdpldjmjdap,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mmkakbkmcnchdopphcbphjioggaanmim,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mopkkgobjofbkkgemcidkndbglkcfhjj,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+mpifmhgignilkmeckejgamolchmgfdom,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+nabmpeienmkmicpjckkgihobgleppbkc,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+nahhmpbckpgdidfnmfkfgiflpjijilce,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ncepfbpjhkahgdemgmjmcgbgnfdinnhk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+npaklgbiblcbpokaiddpmmbknncnbljb,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+npdfkclmbnoklkdebjfodpendkepbjek,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+nplenkhhmalidgamfdejkblbaihndkcm,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+oalfdomffplbcimjikgaklfamodahpmi,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+odnakbaioopckimfnkllgijmkikhfhhf,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+oklejhdbgggnfaggiidiaokelehcfjdp,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+omgeapkgiddakeoklcapboapbamdgmhp,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+oonbcpdabjcggcklopgbdagbfnkhbgbe,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+opahibnipmkjincplepgjiiinbfmppmh,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pamchlfnkebmjbfbknoclehcpfclbhpl,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pcfapghfanllmbdfiipeiihpkojekckk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pchfjdkempbhcjdifpfphmgdmnmadgce,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pdpcpceofkopegffcdnffeenbfdldock,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pgahbiaijngfmbbijfgmchcnkipajgha,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pidohlmjfgjbafgfleommlolmbjdcpal,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pilplloabdedfmialnfchjomjmpjcoej,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pklmnoldkkoholegljdkibjjhmegpjep,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pknkncdfjlncijifekldbjmeaiakdbof,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+plmgefkiicjfchonlmnbabfebpnpckkk,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+pnciakodcdnehobpfcjcnnlcpmjlpkac,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+ponodoigcmkglddlljanchegmkgkhmgb,"https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt"
+acmnokigkgihogfbeooklgemindnbine,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+apgohnlmnmkblgfplgnlmkjcpocgfomp,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+apjnadhmhgdobcdanndaphcpmnjbnfng,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+bahkljhhdeciiaodlkppoonappfnheoi,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+bannaglhmenocdjcmlkhkcciioaepfpj,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+bgffinjklipdhacmidehoncomokcmjmh,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+bifdhahddjbdbjmiekcnmeiffabcfjgh,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+bjpknhldlbknoidifkjnnkpginjgkgnm,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+blngdeeenccpfjbkolalandfmiinhkak,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+ccdfhjebekpopcelcfkpgagbehppkadi,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+cceejgojinihpakmciijfdgafhpchigo,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+cebjhmljaodmgmcaecenghhikkjdfabo,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+chbpnonhcgdbcpicacolalkgjlcjkbbd,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+cifafogcmckphmnbeipgkpfbjphmajbc,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+clopbiaijcfolfmjebjinippgmdkkppj,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+cpgoblgcfemdmaolmfhpoifikehgbjbf,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+dcmjopnlojhkngkmagminjbiahokmfig,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+deiiiklocnibjflinkfmefpofgcfhdga,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+dipecofobdcjnpffbkmfkdbfmjfjfgmn,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+dopkmmcoegcjggfanajnindneifffpck,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+dopmojabcdlfbnppmjeaajclohofnbol,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+edcepmkpdojmciieeijebkodahjfliif,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+ekbecnhekcpbfgdchfjcfmnocdfpcanj,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+elflophcopcglipligoibfejllmndhmp,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+eogfeijdemimhpfhlpjoifeckijeejkc,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+fcobokliblbalmjmahdebcdalglnieii,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+fgafnjobnempajahhgebbbpkpegcdlbf,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+oiigbmnaadbkfbmpbfijlflahbdbdgdf,"https://heimdalsecurity.com/blog/malicious-chrome-extension/"
+andnkmffoleapmidfgnnjjoepadbiika,"https://www.gosecure.net/blog/2022/02/10/malicious-chrome-browser-extension-exposed-chromeback-leverages-silent-extension-loading/"
+adikhbfjdbjkhelbdnffogkobkekkkej,"https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-cookie-stuffing-chrome-extensions-with-1-4-million-users"
+flijfnhifgdcbhglkneplegafminjnhn,"https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-cookie-stuffing-chrome-extensions-with-1-4-million-users"
+gbnahglfafmhaehbdmjedfhdmimjcbed,"https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-cookie-stuffing-chrome-extensions-with-1-4-million-users"
+mmnbenehknklpbendgmgngeaignppnbe,"https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-cookie-stuffing-chrome-extensions-with-1-4-million-users"
+pojgkmkfincpdkdgjepkmdekcahmckjp,"https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-cookie-stuffing-chrome-extensions-with-1-4-million-users"
diff --git a/Testing/build.xml b/Testing/build.xml
index eea244f7ef..8fd1aaa89c 100644
--- a/Testing/build.xml
+++ b/Testing/build.xml
@@ -58,6 +58,7 @@
+
diff --git a/Testing/src/org/sleuthkit/autopsy/testing/AutopsyTestCases.java b/Testing/src/org/sleuthkit/autopsy/testing/AutopsyTestCases.java
index dd7593eceb..1507e14792 100644
--- a/Testing/src/org/sleuthkit/autopsy/testing/AutopsyTestCases.java
+++ b/Testing/src/org/sleuthkit/autopsy/testing/AutopsyTestCases.java
@@ -68,6 +68,7 @@ import org.netbeans.jemmy.operators.JLabelOperator;
import org.netbeans.jemmy.operators.JListOperator;
import org.netbeans.jemmy.operators.JTabbedPaneOperator;
import org.netbeans.jemmy.operators.JTableOperator;
+import org.netbeans.jemmy.operators.JTextAreaOperator;
import org.netbeans.jemmy.operators.JTextFieldOperator;
import org.netbeans.jemmy.operators.JToggleButtonOperator;
import org.netbeans.jemmy.operators.JTreeOperator;
@@ -438,7 +439,7 @@ public class AutopsyTestCases {
jbo1.pushNoBlock();
JDialog previewDialog = JDialogOperator.waitJDialog("Progress", false, false);
JDialogOperator previewDialogOperator = new JDialogOperator(previewDialog);
- JLabelOperator.waitJLabel(previewDialog, "Complete", false, false);
+ JTextAreaOperator.waitJTextArea(previewDialog, "Complete", false, false);
JButtonOperator jbo2 = new JButtonOperator(previewDialogOperator, "Close");
jbo2.pushNoBlock();
new Timeout("pausing", 10000).sleep();