Hacker attacks Chrome utility to install malware

Called Copyfish, this extension allows users to extract text from photos, PDF files and videos, which currently have more than 37,500 users.

Unfortunately, the utility was hijacked by an unknown attacker hijack. However, Firefox is not affected. The attacker even switched this utility to their account, preventing other developers from deleting the Chrome store, even after it was discovered.

'So far, it seems like a normal adware hack, but since we still don't have control over Copyfish, the thief can update the utility, after we get it back,' the developers said. warning 'we can't even disable it because it's no longer on the developer's account'.

How did hackers hijack Chrome utility?

Developers followed the phishing attack and found out that it took place on July 28. According to a9t9, a member of the group received a fake email, impersonating the Chrome Web Store group saying that it needs to update Copyfish or Google will remove it from the store.

Hackers attack the Chrome utility to send spam and advertise

Email the guide to click on the details in 'Click here to read more details' and open the Google password entry dialog box. This link is in bit.ly format, but since you have viewed the link in HTML format, you have no doubt and entered your account password.

Developers say the screen looks like Google, although there is no exact shot because it only appears once. 'It looks real so we didn't notice. Phishing through the Chrome utility is simply not in our mind. '

Once the account password was entered, the hacker updated Copyfish to version 2.8.5 on July 29, then sent spam and advertised to users. The worst is when the creators of Copyfish discovered the incident but could not do anything because the utility was removed from their account.

The company contacted Google for support and warned users that Copyfish is not under their control now. Users are encouraged to remove Copyfish if installed.