Tech Blog
PrimeTel Logo

help Help & Support

SEARCH

Popular Chrome extensions hit by hackers

Popular Chrome extensions hit by hackers

SHARE IT

27 December 2024

While you were wrapping gifts or spending time with friends and family on Christmas Eve, hackers were seeking for methods to steal your information. According to Reuters, many firms have had their Chrome browser extensions hijacked by thieves in recent days, including the data protection company Cyberhaven on December 24.

“On December 24, a phishing attack compromised a Cyberhaven employee’s credentials to the Google Chrome Web Store,” Cyberhaven CEO Howard Ting wrote on the company’s blog. “The attacker used these credentials to publish a malicious version of our Chrome extension (version 24.10.4). Our security team detected this compromise at 11:54 PM UTC on December 25 and removed the malicious package within 60 minutes.”

According to Ting, only Chrome-based browsers that auto-updated between 1:32 AM UTC on December 25 and 2:50 AM UTC on December 26 were infected by the malicious malware. Cyberhaven alerted all users affected by the intrusion on December 26, and the organisation has subsequently released a secure version of the plugin.

Unfortunately, this was not an isolated situation with Chrome extensions. According to Nudge Security co-founder Jaime Blasco, hackers have hijacked other browser extensions as well, indicating that this is part of a larger campaign. On X, Blasco highlighted to numerous other extensions with dangerous malware that he discovered on the Chrome Web Store:

  • Internxt VPN – Free, Encrypted & Unlimited VPN (10,000 users)
  • VPNCity – Fast & Unlimited VPN | Unblocker (50,000 users)
  • Uvoice (40,000 users)
  • ParrotTalks (40,000 users)

Even that is only the top of the iceberg. In a lengthy blog post that is still routinely updated, cybersecurity practitioner John Tuckner discovered more extensions carrying the familiar malicious code (via Bleeping Computer): Bookmark Favicon Changer, Castorus, Wayin AI, Search Copilot AI Assistant, VidHelper, Vidnoz Flex, TinaMind, Primus, AI Shop Buddy, Sort by Age, Earny, ChatGPT Assistant, Keyboard History Recorder, and Email Hunter.

If you use any of these extensions, make sure they've been updated recently and that the developer is aware of the threat. In any case, if you suspect you've been compromised, you should reset all of your passwords immediately.

View them all

MORE NEWS FOR YOU

The 6 main trends in cybersecurity for 2025
03 January 2025

The 6 main trends in cybersecurity for 2025

Experts at global cybersecurity company ESET identify the most critical developments expected to shape the cybersecurity sector in 2025. From the rise of malicious ...
Telegram becomes profitable and adds many new features
02 January 2025

Telegram becomes profitable and adds many new features

With a fresh content release for the messenger, Telegram carries on its monthly feature upgrade tradition. Improvements for presents, filters, reactions, and other ...
Apple TV+ will be free to watch from January 3 to 5!
30 December 2024

Apple TV+ will be free to watch from January 3 to 5!

Apple is offering free access to its Apple TV+ streaming service this weekend, from January 3 to 5. The company announced the news on Monday, along with a short video ...