16 hijacked browser extensions expose 3.2 million users

Cybercriminals are constantly finding new ways to exploit trusted apps and browser extensions, posing a significant threat to the online security of millions of users. A recent report has revealed that over 3.2 million users have been affected by a security breach involving malicious browser extensions. These extensions, which appeared legitimate, were secretly embedding harmful scripts, stealing data, and manipulating search results.

The security breach was uncovered by GitLab Security and involved a network of compromised browser extensions, including some linked to GitLab. The attackers infiltrated legitimate extensions through a supply chain breach and pushed malicious updates that embedded hidden scripts. These scripts allowed unauthorized data collection, altered HTTP requests, and injected ads into web pages without users’ knowledge.

The compromised extensions were originally built for tasks such as ad blocking, emoji input, and screen recording. However, they were repurposed through covert updates that exploited the extensive permissions granted by users, enabling real-time manipulation of web activity. This breach highlights the dangers of trusting seemingly legitimate tools without verifying their security.

Several commonly used extensions were identified as affected, including AdBlock Plus, Emoji Keyboard, Screen Capture Pro, Dark Mode Toggle, and others. Users are advised to assess the permissions of these extensions and consider removing them until official security updates are verified.

To protect sensitive information and maintain online privacy, users can take several measures. Keeping browsers and extensions up-to-date, installing extensions only from trusted sources, and having strong antivirus software are crucial steps. Users should also be cautious of extensions requesting unnecessary access, update their passwords regularly, and consider using a password manager.

In the wake of the security breach, it is essential for users to remove any compromised extensions from their browsers. By following simple steps to remove extensions from Google Chrome, users can mitigate the risk of falling victim to malicious activities. Additionally, considering data removal services to erase personal information from public databases can further reduce the risk of identity theft and scams.

In conclusion, browser extensions can enhance functionality but also pose significant security risks if not carefully managed. Users should treat their browsers as a key part of their digital security, regularly checking extensions and being cautious about automatic updates. By taking proactive steps to protect their online privacy, users can safeguard their sensitive information from cybercriminals.