Recent Cyberattack Targets Chrome Extensions: What You Need to Know
A concerning cyberattack campaign has been reported, involving the injection of malicious code into several popular Chrome browser extensions since mid-December. This incident has raised alarms among users and businesses alike, as it specifically targets authentication sessions and browser cookies, making it a significant threat to online security.
Details of the Attack
According to Reuters, the malicious code was designed to infiltrate specific platforms related to social media advertising and artificial intelligence (AI). The security company Cyberhaven, which was among the victims of this attack, linked the cyber breach to a phishing email.
Specific Targets
Cyberhaven's findings revealed that the code primarily aimed at compromising Facebook Ads accounts. Renowned security researcher Jaime Blasco commented on social media that the attack seemed random and not targeted at any specific entity, as he encountered similar malicious code embedded in various VPN and AI extensions.
Extensions Affected
Several other browser extensions that may have been affected by this attack include:
- Internxt VPN
- VPNCity
- Uvoice
- ParrotTalks
These vulnerabilities underscore the potential risks associated with using compromised software.
The Timeline of the Attack
Cyberhaven reported that on Christmas Eve at 8:32 PM ET, hackers pushed a malicious update (version 24.10.4) to its data loss prevention extension. The presence of malicious intent was discovered the following day, December 25, at 6:54 PM ET. Fortunately, the company responded swiftly, removing the harmful code within one hour; however, it remained operational until 9:50 PM ET that same day. To mitigate further risks, Cyberhaven has since released a clean version (version 24.10.5) of the extension.
Recommendations for Affected Users
In light of these events, Cyberhaven has provided several recommendations for companies and users who may be impacted:
- Review your logs for any suspicious activity.
- Revoke or rotate passwords that do not utilize the FIDO2 multifactor authentication standard.
Additionally, Cyberhaven promptly informed its customers about the breach through an email, as reported by TechCrunch.
Conclusion
As the digital landscape evolves, so do the tactics of cybercriminals. It is crucial for users and businesses to stay vigilant, regularly updating their security practices and remaining informed about potential threats. Keeping your browser extensions updated and monitoring for unusual behavior can help shield your online accounts and sensitive information from malicious attacks.



Commenta
Nota che i commenti devono essere approvati prima di essere pubblicati.
Questo sito è protetto da hCaptcha e applica le Norme sulla privacy e i Termini di servizio di hCaptcha.