Malicious Chrome Extensions Campaign Exposes User Data
A campaign involving 108 malicious Chrome extensions has stolen user sessions and Google data. Operating through a single C2 infrastructure, these extensions also injected unwanted ads into users' browsers. Millions of users' data might be at risk due to this widespread attack.
Malicious Chrome Extensions Campaign Exposes User Data
Recent reports indicate a significant cybersecurity campaign targeting Google Chrome users. This operation involved a total of 108 malicious Chrome extensions designed to steal sensitive user data and engage in various nefarious activities.
Attack Details
The attackers utilized a single Command and Control (C2) infrastructure to manage these extensions. Their primary objectives included hijacking user sessions and stealing data associated with Google accounts. Furthermore, these extensions injected unwanted advertisements into users' browsers, jeopardizing their security and negatively impacting their browsing experience.
Affected Data and Risks
- User Sessions: The theft of browser sessions can lead to unauthorized access to websites where users are logged in.
- Google Data: Access to data from Gmail, Google Drive, and other Google services can result in the misuse of personal information.
- Ad Injection: Malicious advertisements (malvertising) can redirect users to phishing sites or pages for downloading harmful software.
Recommendations for Users
To protect themselves from such attacks, users must exercise caution. Only install Chrome extensions from trusted and verified sources. Carefully check the permissions requested by extensions before installation, and avoid extensions that demand unnecessary access. Regularly review and remove unused extensions from your browser to enhance your security posture.
Has your email been leaked? Check for free — results in seconds.
Check Now →Source
https://www.infosecurity-magazine.com/news/chrome-extensions-expose-user-data/