
Google Chrome 2FA Bypass Attack Confirmed—What You Need To Know
In a recent announcement, Cyberhaven confirmed that hackers bypassed two-factor authentication (2FA) in its Chrome browser extension. The attack, which began on Christmas Eve and was detected on Boxing Day, highlights the importance of keeping software up to date and being vigilant about suspicious activity.
According to reports, the hack exploited a vulnerability in the Google Chrome Web Store, allowing attackers to compromise an employee’s account through a phishing email. This led to the publication of a malicious version of Cyberhaven’s Chrome extension, which was active for only 24 hours before it was removed and replaced with a secure update.
In this attack, hackers were able to exfiltrate cookies and authenticated sessions for certain targeted websites, including social media advertising and AI platforms. The good news is that no other Cyberhaven systems, including their CI/CD processes and code signing keys, were compromised.
It’s worth noting that the impact of this hack was limited, as only customers using Chrome-based browsers that auto-updated during the period of the attack would have been affected. This means that those who manually updated or didn’t update at all are not impacted by this attack.
In response to the incident, Cyberhaven has taken steps to ensure the security and integrity of their systems. These measures include notifying all customers, removing the malicious extension from the Chrome Web Store, and automatically deploying a secure version of the extension.
It is recommended that any users who were running version 24.10.4 of the Cyberhaven Chrome extension during the affected period verify that their extension has been updated to version 24.10.5 or newer.
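One way to run that version check across every Chrome profile on a machine, as an added example that is not from Cyberhaven or the original article. It assumes Chrome's usual on-disk layout (`<user data dir>/<profile>/Extensions/<extension id>/<version>_N/manifest.json`); the extension ID is not given on this page, so `EXTENSION_ID` is a placeholder to replace, and the function names are hypothetical.

```python
import json
import sys
from pathlib import Path

BAD_VERSION = (24, 10, 4)    # malicious build named in the article
FIXED_VERSION = (24, 10, 5)  # first clean build named in the article
# Placeholder: the article does not give the extension ID; substitute the real one.
EXTENSION_ID = "EXTENSION_ID_PLACEHOLDER"


def parse_version(text):
    """Chrome extension versions are dot-separated integers; compare as tuples."""
    return tuple(int(part) for part in text.strip().split("."))


def audit_user_data_dir(user_data_dir, extension_id=EXTENSION_ID):
    """Return (profile, version, status) for each installed copy of the extension."""
    root = Path(user_data_dir)
    findings = []
    pattern = f"*/Extensions/{extension_id}/*/manifest.json"
    for manifest in sorted(root.glob(pattern)):
        profile = manifest.relative_to(root).parts[0]
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            version = parse_version(data["version"])
        except (OSError, ValueError, KeyError):
            # Missing, corrupt or non-numeric manifest: report it, do not guess.
            findings.append((profile, None, "unreadable"))
            continue
        if version == BAD_VERSION:
            status = "malicious"   # still on the compromised build
        elif version >= FIXED_VERSION:
            status = "ok"          # 24.10.5 or newer
        else:
            status = "older"       # predates the compromised build
        findings.append((profile, ".".join(map(str, version)), status))
    return findings


if __name__ == "__main__":
    # Usage: python audit.py "<path to Chrome user data directory>"
    results = audit_user_data_dir(sys.argv[1])
    for profile, version, status in results:
        print(f"{profile}: {version} -> {status}")
    sys.exit(1 if any(s == "malicious" for _, _, s in results) else 0)
```

An `ok` result describes only the build installed now; it does not show whether 24.10.4 ran on the machine during the affected period.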
In conclusion, while this attack highlights the importance of cybersecurity, it also demonstrates the ability of attackers to exploit even the most well-established security measures. As such, it is essential for users to stay vigilant and keep their software up to date in order to avoid falling victim to similar attacks in the future.
Source: www.forbes.com