
Hackers Hijacked Legitimate Chrome Extensions to Try to Steal Data
In a disturbing cyberattack, hackers managed to infiltrate multiple legitimate Chrome browser extensions and inject malicious code designed to steal sensitive user information. The attack, which appears to be part of a broader campaign, was first reported by Reuters.
According to a blog post from one of the targeted companies, Cyberhaven, the malicious code was inserted into its data loss prevention extension on Christmas Eve. Cyberhaven says it discovered the code just hours later and quickly removed it in an update to version 24.10.5.
The company warns that other organizations may have also been impacted by this attack, and advises them to check their logs for suspicious activity and revoke or rotate any passwords not using the FIDO2 multifactor authentication standard.
It appears that the hackers used a phishing email to gain access to the Chrome extensions’ systems, allowing them to push updates containing the malicious code. The goal of the attackers seems to be to steal browser cookies and authentication sessions, targeting specific social media advertising and AI platforms.
This attack highlights the importance of vigilance in the digital age. As cyberattacks continue to evolve and become more sophisticated, it is crucial that individuals and organizations take proactive steps to protect themselves from these threats.
It is unclear whether other users who installed the affected extensions may have inadvertently exposed their personal data to the hackers.
Source: www.theverge.com