A recent analysis by GitLab revealed 16 malicious Chrome extensions that exploited millions of users, injecting code to commit fraud and disable critical security measures like Content Security Policy (CSP). These extensions, which had over 3.2 million installs, included tools like emoji keyboards and ad blockers. The attackers compromised developer accounts via phishing to introduce Trojan code, facilitating data exfiltration and weakening browser security. While Google acted to remove the harmful extensions from the Chrome Web Store, users must manually uninstall them to ensure their safety.
The malicious extensions compromised users by injecting code for fraud and disabling crucial security features, affecting millions before their removal.
Attackers accessed developer accounts via phishing tactics, enabling malicious code updates for extensions, which included adblockers, emoji keyboards, and proxy tools.
Collection
[
|
...
]