Hacked Chrome extensions put 2.6 million users at risk of data leak

Your web browser is not just a tool for surfing the internet—it’s an ecosystem of its own, storing a wealth of sensitive information like passwords, search history, and financial details. Just as malicious apps can compromise data on your phone or PC, malicious browser extensions can also put your data at risk.

Recently, security researchers have uncovered a dangerous new campaign targeting browser extensions, putting over 2.6 million Chrome users in danger of having their browsing data and account credentials exposed. In total, around 36 extensions have been compromised, allowing hackers to access and steal sensitive user data through a variety of methods.

One common attack involves phishing campaigns that target the publishers of legitimate extensions on platforms like the Chrome Web Store. Attackers trick developers into granting permissions to malicious applications, which then insert harmful code into popular extensions. This code can steal cookies, access tokens, and other user data, putting millions of users at risk of data theft.

Cybersecurity firm Cyberhaven was the first to shed light on this campaign, after one of its employees was targeted by a phishing attack. Since then, Secure Annex has uncovered over twenty additional compromised extensions, including popular ones like AI Assistant – ChatGPT, Vindoz Flex Video Recorder, and Proxy SwitchyOmega.

To protect yourself from these malicious extensions, it’s crucial to remove any compromised extensions from your browser immediately. Secure Annex has provided a public Google Sheet with details about the malicious extensions they’ve found, including whether they’ve been updated or removed.

In addition to removing suspicious extensions, there are several other steps you can take to stay safe from malicious software. These include verifying emails and links before clicking, using strong antivirus software, limiting extension permissions, keeping your browser updated, regularly auditing your extensions, and reporting suspicious extensions to the official marketplace.

Hackers are constantly evolving their tactics, and browser extensions have become a prime target for stealing sensitive data. By staying vigilant and taking proactive steps to protect your data, you can reduce the risk of falling victim to these types of attacks. Remember, your online security is in your hands, so take the necessary precautions to safeguard your information.