HomeTechnologyHackers Target Chrome Extensions with Malicious Code in Latest Attack

Hackers Target Chrome Extensions with Malicious Code in Latest Attack

In a concerning cybersecurity breach this December, hackers managed to inject malicious code into several Chrome extensions by exploiting admin accounts through a phishing campaign. Cybersecurity firm Cyberhaven revealed in a blog post that its own Chrome extension fell victim to this attack on December 24. The breach appeared to target logins for specific social media advertising platforms and AI tools.

The Scope of the Attack

The attack wasn’t limited to Cyberhaven’s extension. According to a Reuters report and additional insights from Nudge Security’s Jaime Blasco, other affected extensions included ParrotTalks, Uvoice, and VPNCity, with incidents reportedly occurring as early as mid-December. These malicious modifications gave attackers unauthorized access to sensitive user information, posing a serious risk to both individual users and businesses.

Also Read: New Zealand’s 1,500-HP Hypercar Delivers F1 Performance—If You Can Afford It

How the Attack Unfolded

Cyberhaven discovered the compromise on December 25 and immediately launched an investigation. The attackers had embedded malicious code designed to steal data from Facebook Ads accounts, including access tokens, user IDs, cookies, and other account details.

A particularly troubling aspect of the attack was the addition of a mouse click listener, which facilitated two-factor authentication (2FA) circumvention. Cyberhaven’s analysis noted, “After successfully sending all the data to the Command & Control server, the Facebook user ID is saved to browser storage. That user ID is then used in mouse click events to help attackers bypass 2FA if necessary.”

Also Read: Major Security Vulnerability Uncovered in AI Models by Researchers

Rapid Response and Containment

Despite the complexity of the attack, Cyberhaven acted swiftly. Within an hour of identifying the malicious activity, the company had removed the compromised version of its Chrome extension and rolled out a clean update to users. On December 26, Cyberhaven notified its customers via email, advising them to revoke and reset their passwords, access tokens, and any other potentially exposed credentials.

Protecting Users Moving Forward

The incident highlights the growing sophistication of cyberattacks targeting browser extensions—a seemingly small yet highly vulnerable vector for gaining access to sensitive data. Cyberhaven has reassured users that it has fortified its security measures to prevent similar breaches in the future. However, the company also emphasized the importance of user vigilance, urging customers to regularly review their online security practices and enable multi-factor authentication wherever possible.

Also Read: Leaked: Samsung Galaxy S25 Ultra Release Date Revealed

Broader Implications

 Chrome

This breach serves as a stark reminder of the risks associated with browser extensions, particularly for users managing sensitive data on platforms like Facebook Ads and AI tools. While browser extensions can enhance productivity, they also present an attractive target for hackers.

As the threat landscape evolves, cybersecurity experts recommend that users only download extensions from trusted sources, keep them updated, and periodically audit the permissions granted to these tools. For businesses, implementing robust monitoring systems and educating employees on phishing risks are critical steps to safeguard against future attacks.

By responding quickly and transparently, Cyberhaven and other affected companies have mitigated the immediate impact of this attack. However, the incident underscores the pressing need for heightened vigilance and stronger security measures in the digital ecosystem.

Also Read: LG Unveils UltraGear Bendable 5K OLED: A Game-Changer for Gaming Displays
Varshini
Varshini
I am Varshini, an Information Technology graduate with expertise in creating content that brings a lot of knowledge related to lifestyle. My articles cover topics such as fashion, beauty, technology, education, and travel, reflecting my enthusiasm for providing interesting and helpful information. In addition to my passion for writing, I enjoy watching movies, listening to music, and traveling. I am also interested in gaining knowledge about the new trends. You can view my social media profiles here.
RELATED ARTICLES

Most Popular