16 Chrome extensions hacked, over 600,000 users were exposed to data theft

Multimedia
  • 30-12-2024, 18:56
    • +A -A

    INA - SOURCES

    A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.
    The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their access permissions to insert malicious code into legitimate extensions in order to steal cookies and user access tokens.
    The first company to fall victim to the campaign was cybersecurity firm Cyberhaven, one of whose employees were targeted by a phishing attack on December 24, allowing the threat actors to publish a malicious version of the extension.
    On December 27th, Cyberhaven disclosed that a threat actor compromised its browser extension and injected malicious code to communicate with an external command-and-control (C&C) server located on the domain cyberhavenext[.]pro, download additional configuration files and exfiltrate user data.
    The phishing email, which purported to come from Google Chrome Web Store Developer Support, sought to induce a false sense of urgency by claiming that their extension was at imminent risk of removal from the extension store citing a violation of Developer Program Policies.

Related news

Behind the Scenes: The Technical Details of Arc’s Recent Vulnerability

  • Multimedia
  • 08:35

INA discusses 20 important files with UNITAD

  • politics/Security/International/Investigations and reports/Photo reports
  • 11:13

INA Discusses 13 Files with the United Nations Development Programme in Iraq

  • Investigations and reports
  • 03:38