news 
Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk
A recent attack on a Chrome extension has confirmed the vulnerability of millions of users who use two-factor authentication (2FA) with their Google accounts. The attack, which was carried out by an attacker-in-the-middle technique, involved capturing and storing session cookies that are created when a correct 2FA code is entered.
The Chrome extension in question, Cyberhaven, had been compromised by malicious actors between Christmas Day and Boxing Day. During this period, the extension could have exfiltrated cookies and authenticated sessions for certain targeted websites, including social media advertising and AI platforms.
According to Ting, Cyberhaven’s founder, affected customers were notified immediately, along with those not impacted in a move towards complete transparency. The malicious extension was removed from the Chrome Web Store, and a secure version (24.10.5) was automatically deployed.
As a precautionary measure, Cyberhaven strongly recommends that users running version 24.10.4 of their Chrome extension update to the latest version or higher.
Source: www.forbes.com
