Google’s Chrome web browser Extensions are under attack with a series of developers being hacked within last one month.
Almost two weeks ago, we reported how unknown attackers managed to compromise the Chrome Web Store account of a developer team and hijacked Copyfish extension, and then modified it to distribute spam correspondence to users.
Just two days after that incident, some unknown attackers then hijacked another popular extension‘Web Developer‘ and then updated it to directly inject advertisements into the web browser of over its 1 million users.
After Chris Pederick, the creator of ‘Web Developer’ Chrome extension that offers various web development tools to its users, reported to Proofpoint that his extension had been compromised, the security vendor analysed the issue and found further add-ons in the Chrome Store that had also been altered.
According to the latest report published by the researchers at Proofpoint on Monday, the expanded list of compromised Chrome Extensions are as below:
- Chrometana (1.1.3)
- Infinity New Tab (3.12.3)
- CopyFish (2.8.5)
- Web Paint (1.2.1)
- Social Fixer (20.1.1)
Proofpoint researcher Kafeine also believes Chrome extensions TouchVPN and Betternet VPN were also compromised in the same way at the end of June.
In all the above cases, some unknown attackers first gained access to the developers’ Google web accounts by sending out phishing emails with malicious links to steal account credentials.
Source: The Hacker News