Hacker attacks 8 extensions on Chrome

Extensions on Google Chrome are under attack and a bunch of developers have hacked accounts within the past month.

Nearly 2 weeks ago, we reported on how attackers hacked into the developers' Chrome Web Store account and attacked the Copyfish extension and then modified it to distribute spam to people. use.

Just two days after the attack, some unknown hackers captured another extension called Web Developer , then they updated this utility to directly infect ads into their web browser. 1 million users.

1. Hacker attacks Chrome utility to install malware

After Chris Pederick - founder of Web Developer utility reported to Proofpoint that his utility has been compromised, security vendors have analyzed and found a number of other add-ons in Chrome Store. also changed.

Hacker attacks 8 extensions on Chrome Picture 1

According to the latest report by researchers at Proofpoint on Monday, the list of compromised Chrome extensions includes:

1. Chrometana (1.1.3)
2. Infinity New Tab (3.12.3)
3. CopyFish (2.8.5)
4. Web Paint (1.2.1)
5. Social Fixer (20.1.1)

Proofpoint - Kafeine's researcher said that Chrome extensions, TouchVPN and Betternet VPN, were compromised in the same way at the end of June.

In all of these cases, some anonymous attackers have access to developers' Google web accounts by sending phishing emails with malicious links to steal account login information. .

When they gain control of the respective extensions, they will modify it to perform malicious actions or add Javascript malicious code to intentionally hijack network traffic, send fake ads and steal passwords. to generate revenue.

At the moment, it is unclear who is behind these attacks. Therefore, the best way to protect yourself from such attacks is to always be cautious of unwelcome emails and not click on links within suspicious documents unless the source is clearly identified.