Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.
Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the accounts of at least 36 Google Chrome extensions that provide AI and VPN services. The compromised extensions include “Bard AI Chat,” “ChatGPT for Google Meet,” “ChatGPT App,” “ChatGPT Quick Access,” “VPNCity,” “Internxt VPN,” and more, which are used by an estimated total of 2.6 million people.
Read more…
Source: Malwarebytes Labs
Related:
- Russian state hackers rarely share code with one another
September 24, 2019
Russia’s state-sponsored hacking groups rarely share code with one another, and when they do, it’s usually within groups managed by the same intelligence service, a new joint report published today reveals. This report, co-authored by Check Point and Intezer Labs, is a first of its kind in its field. The two companies looked at nearly 2,000 ...
- Hello! My name is Dtrack
September 23, 2019
Kaspersky Lab investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards ...
- More Hidden App Malware Found on Google Play with over 2.1 Million Downloads
September 23, 2019
Malicious apps hide themselves after installation and aggressively display full-screen advertisements. In recent times we’ve seen multiple malicious apps found in the Google Play Store by various cyber security firms, including Symantec, yet this problem doesn’t seem to be dissipating. We have uncovered another wave of malicious apps in the Play Store which have been downloaded ...
- xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations
September 23, 2019
The first known attack in this campaign targeted a Kuwait transportation and shipping company in which the actors installed a backdoor tool named Hisoka. Several custom tools were later downloaded to the system in order to carry out post-exploitation activities. All of these tools appear to have been created by the same developer. We were ...
- Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites
September 18, 2019
Trend Micro discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains. Back in May, we discovered a ...
- Critical Vulnerability in Harbor Enables Privilege Escalation from Zero to Admin (CVE-2019-16097)
September 18, 2019
Aviv Sasson, a security researcher from the cloud division of Unit 42, has identified a critical vulnerability in a widespread cloud native registry called Harbor. The vulnerability allows attackers to take over Harbor registries by sending them a malicious request. The maintainers of Harbor released a patch that closes this critical security hole. Versions 1.7.6 and 1.8.3 include this fix. Unit 42 has ...