Sekoia has issued a warning to Chrome users about a significant supply chain attack affecting browser extension developers. This attack has resulted in the theft of sensitive data such as API keys and session cookies from widely used online platforms, including ChatGPT and Facebook for Business. An investigation revealed the attack's infrastructure connected to earlier incidents noted since 2023, with a recent campaign detected in December 2024. Victims include Cyberhaven, with implications affecting millions of end users based on multiple reports of compromised extensions.
On December 5, 2024, our developer account was compromised due to a phishing email that mimicked official Chrome Web Store communications.
Sekoia's analysis shows a long history of similar attacks occurring since 2023, with new campaigns detected into December 2024.
Collection
[
|
...
]