Hackers hijacked multiple Chrome extensions, injecting malicious code to steal user data, particularly targeting social media advertising accounts and AI platform credentials.
Cyberhaven reported the attack started after one of their employees fell for a phishing email disguised as an official Google communication, revealing the vulnerability of these Chrome extension developers.
The malicious code was pushed as an updated version of Cyberhaven’s Chrome extension, raising concerns about the security protocols for browser extensions and the potential for widespread data theft.
Despite the scale of the attack, Cyberhaven doesn't believe the attackers had any specific companies in mind; instead, they seem to be executing a mass phishing scheme.
Collection
[
|
...
]