Hackers Hijack a Wide Range of Companies' Chrome Extensions

Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign. From a report: Among the victims was the California-based Cyberhaven, a data protection company that confirmed the breach in a statement to Reuters on Friday. "Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension," the statement said.

It cited public comments from cybersecurity experts. These comments, said Cyberhaven, suggested that the attack was "part of a wider campaign to target Chrome extension developers across a wide range of companies." Cyberhaven added: "We are actively cooperating with federal law enforcement." The geographical extent of the hacks was not immediately clear.

Hijacking adblockers will be next

[xack]

With all the amount code modifications that they do, there will be a huge incentive to inject a rogue rule into the filter list, and perform arbitrary code execution with it. Especially since malware ads appear on illegal or hacked sites. Combine this with the fact that people are using less popular browsers with less security reviews because of Chrome now using Manifest v3, this will be a minefield of vulnerabilities to come.

Solution

[rossdee]

Don't use Chrome

Re:

[ls671]

Not that I use Chrome that much, only for sites which only work well with it but your comment seems a little off-topic. Third party extensions can introduce vulnerabilities into any piece of software,

Re:

[Seven Spirals]

I'd love that solution. I'm a big user of browsers like Firefox, Otter, Dillo, eLinks, etc.. but Chrome is the new IE6. It's the default target for web "developers" these days and apparently whatever bullshit they do in Chrome cannot work in Firefox, too (or at least it often fails). It's going to be hard to avoid if you work in IT. My solution is to run it as sandboxed as possible on an account that doesn't have access to my main PC home directory. I personally run it via VNC on a system I frequently snaps

Good

[quonset]

Anything to kill that spyware is a good thing. The enemy of my enemy and all that.

a Wide Range of Companies

[awwshit]

> a Wide Range of Companies

But we'll only mention one in the article, just to keep you guessing. WTF?

Re:

[Scutter]

But we'll only mention one in the article, just to keep you guessing. WTF?

We'll only mention one company, that no one has ever heard of.

Another reason to NOT use Chrome....

[bsdetector101]

Too many other reasons in the past to not like it plus never like their layout/usage.