top of page

Hackers Hijack Legitimate Chrome Extensions in Data Theft Campaign

2/1/25

By:

Amitabh Srivastav

Targeted phishing attack plants malicious code in trusted browser extensions.

Targeted phishing attack plants malicious code in trusted browser extensions.

Introduction

Hackers have exploited several legitimate Chrome browser extensions, including Cyberhaven's data protection tool, injecting malicious code to steal cookies and user session data. The campaign, believed to target platforms like Facebook Ads and AI tools, began in December 2024.

Extent of the Breach

Extensions like Internxt VPN, VPNCity, and ParrotTalks were also compromised. Cyberhaven's breached update was active for nearly 25 hours, potentially exposing sensitive user data.



Recommendations for Users

  • Monitor suspicious activity in browser logs.

  • Update all affected extensions immediately.

  • Rotate passwords and implement FIDO2 multifactor authentication.

Conclusion

This breach underscores the importance of phishing awareness and extension security. Stay tuned to Kushal Bharat Tech News for the latest on cybersecurity.

All images used in the articles published by Kushal Bharat Tech News are the property of Verge. We use these images under proper authorization and with full respect to the original copyright holders. Unauthorized use or reproduction of these images is strictly prohibited. For any inquiries or permissions related to the images, please contact Verge directly.

Latest News

23/1/25

Xbox Introduces Support for Massive External Storage Solutions

New beta update enables Xbox Series X|S consoles to utilize hard drives exceeding 16TB.

23/1/25

Canon Sets a New Benchmark with 410-Megapixel 35mm Camera Sensor

Revolutionary 24K resolution sensor redefines imaging for industrial and professional applications.

23/1/25

Nvidia’s Journey to a Slimmer RTX 5090

How a bulky prototype evolved into a sleek two-slot design.

bottom of page