Cybercriminals Hijack Google Chrome Add-ons during Digital Assault

Title: How Chrome Extensions Were Compromised Over the Holiday Season

During this past festive season, several businesses got an unwelcome surprise as their Chrome extensions were targeted by cybercriminals.

Recent findings from Reuters reveal that a series of Chrome extensions were compromised during the past week. Notably, Cyberhaven – a prominent cybersecurity firm that was among the victims of this attack – uncovered the hack.

The cybercriminals behind the attack were able to infiltrate these extensions by injecting harmful code. The primary aim of this devious scheme was to steal user data, such as web browser cookies and authentication details. The hackers seemed particularly interested in accessing social media advertising accounts, specifically Facebook Ads accounts, and Artificial Intelligence platform credentials.

Cyberhaven revealed that on Christmas Eve, the cybercriminals rolled out an updated version of the Chrome extension carrying the harmful code to users. The security company discovered the breach on Christmas day and swiftly issued a fix within an hour. Subsequently, they started alerting users about the breach via email notifications the following morning.

The list of impacted Chrome extensions includes Internxt VPN, ParrotTalks, Uvoice, and VPNCity. According to the information available on the Chrome Web Store, each of these extensions boasts tens of thousands of users.

Cyberhaven is of the opinion that the hackers were not specifically targeting particular businesses. Instead, they believe that the cybercriminals launched a widespread phishing campaign, taking action with any recipient who clicked through.

Currently, it remains uncertain how many users of these Chrome extensions were affected by this breach.

Cybersecurity is a critical issue for all internet users, including those interested in investment. As we continue to rely heavily on technology for a vast array of activities, it’s crucial to stay informed about potential threats and take necessary precautions to safeguard our digital assets.

Tags: Cybersecurity, Google.

Comments are closed.