Chrome Extension Attacks Target Site Owners

djbaxter

Administrator
Joined
Nov 10, 2016
Messages
1,986
Points
113
PSA: 4.8 Million Affected by Chrome Extension Attacks Targeting Site Owners
Wordfence.com
August 17, 2017

In June, July and August, developers of the following Chrome extensions had their login credentials stolen through a phishing attack. The extensions affected are:

  • Web Developer – Versions 0.4.9 affected
  • Chrometana – Version 1.1.3 affected
  • Infinity New Tab – Version 3.12.3 affected
  • CopyFish – Version 2.8.5 affected
  • Web Paint – Version 1.2.1 affected
  • Social Fixer 20.1.1 affected
  • TouchVPN appears to have been affected but the version is unclear
  • Betternet VPN also appears to have been affected but no version was provided

Based on total installs for these extensions, the attackers targeted a total of 4.8 million users. The developers of these Chrome extensions all had their account credentials compromised....

Once the attackers had access to modify the code in these Chrome extensions and release new code, they made a change that injected their own malicious Javascript into the extensions....

The code injects Javascript from the attacker’s own domain into the victim’s browser. The victim here is someone who is using the Chrome web browser and has one of these extensions installed.
This allows an attacker to perform any action as the victim. This includes accessing any website the victim is signed into and modifying the content of any web page that the victim views. Once an attacker has control of one of your Chrome extensions, they own your web browser.
Read more...
 

azgold

MVP
Joined
Nov 6, 2014
Messages
756
Points
63
Whoa! After reading your post, I'm especially glad that I don't use Chrome. Or any of the extensions.

I think most people consider Chrome much safer than other browsers. Guess it just reminds us that those who are determined enough can foil a lot of safeguards.

I'm a FF user myself. I don't think it's safer than Chrome but I try to be. Whenever I use sites that require my sensitive information, I ALWAYS check the https and the verification information before I type a single character. I don't mind being considered paranoid. :D Better safe than sorry.

I also have IBM's Rapport, which (among other things) is supposed to catch phishing sites.

This is an important thread, DJ - thanks!
 

djbaxter

Administrator
Joined
Nov 10, 2016
Messages
1,986
Points
113
I use Firefox also. I do have Chrome and others installed for testing websites but I don't use them for anything critical.
 

Weekly Digest

Weekly Digest
Subscribe/Unsubscribe
Top