Some companies received something worse than a lump of coal from Santa this Christmas: Hackers attacking their Chrome extensions.
Hackers hijacked a number of Chrome extensions this past week,Russia according to a new report from Reuters. The attack was first noticed by cyber security company Cyberhaven, which was one of the companies affected by the hack.
In a blog post from Cyberhaven, the company says the cyberattack inserted malicious code into these Chrome extensions in an attempt to steal user data such as web browser cookies and authentication. The hackers appear to have specifically been looking to obtain access to social media advertising accounts, specifically Facebook Ads accounts, and AI platform credentials.
This Tweet is currently unavailable. It might be loading or has been removed.
According to Cyberhaven, the hackers pushed an updated version of its Chrome extension with the malicious code to users on Christmas Eve. The company became aware of the hack on Christmas Day and immediately pushed out a fix within an hour. The company began informingusers of the hack on Friday morning with an email notification.
Other Chrome extensions confirmed to have been injected with the malicious code include Internxt VPN, ParrotTalks, Uvoice, and VPNCity. Each of these Chrome extensions has tens of thousands of users, according to the public stats on the Chrome Web Store.
The attack began after a hacker successfullytargeted a Cyberhaven employee via a phishing email that was sent to Chrome extension developers. The employee, believing the email was an official Google contact, clicked the email and input their login credentials on the phishing page.
Cyberhaven doesn't believe the attackers were targeting any specific companies, but rather sending out a mass phishing campaign and then going forward with any recipient that clicked through.
At this time, it's unclear as to how many users of these Chrome extensions have been affected.
Topics Cybersecurity Google
'Severance' puts a spin on the Orpheus and Eurydice myth in its Season 2 finale
Trollope Gets His 65,000 Words Back
The Nervous Systems of Books
Terry Pratchett’s Advice for “Keeping It Real”
CPU Price Watch: 9900K Incoming, Ryzen Cuts
Strife in the Fast Lane
Yasmina Reza on the Frivolous and the Profound
The Nervous Systems of Books
NYT Strands hints, answers for May 5
Terry Pratchett’s Advice for “Keeping It Real”
Elon Musk says Mars ship could make first flights in 2019
The Plain, Inescapable There
Victor Hugo’s Drawings
Piglets & Ghosts: The Unique Thrills of Mexican Paperbacks
Best tablet deal: Get the Google Pixel Tablet for $120 off at Amazon
Reggae in the Seventies; Cannes in the Fifties
Roz Chast’s Vibrant Painted Eggs
Victor Moscoso on Zap Comix, Learning, and Unlearning
Best grocery deal: Spend $20 and get $5 off at Amazon
Piglets & Ghosts: The Unique Thrills of Mexican Paperbacks
Slate releases Google Chrome extension to keep Twitter at 140Netflix now lets you feed your enemies to Dart from 'Stranger Things'La Niña is officially here, and it will influence the upcoming winterDrake tests out new untitled song during his world tourKhal Drogo and Tormund Giantsbane met IRL and slayed pints togetherHere's exactly how fast the iPhone X battery charges upKim Kardashian's Screenshop is Shazam for clothingLa Niña is officially here, and it will influence the upcoming winterGoogle: Project Loon has provided internet to 100,000 in Puerto RicoDrake tests out new untitled song during his world tourKim Kardashian West on apps, social media, and her mostIs Mjolnir broken forever? Chris Hemsworth mourns Thor's iconic hammerIt really sounds like this Christmas advert contains a NSFW insult to Paddington bearTaylor Swift will keep 'Reputation' off streaming services for a weekApple has shipped way more iPhone 7s than iPhone 8s, says reportTrump's first expanded tweet could have been 140 charactersTwitter must fix verification, but there are no easy solutionsLa Niña is officially here, and it will influence the upcoming winterTripAdvisor will warn users about hotels with sexual assault incidents, but only for a whileUber shows off its flying taxi service in new video 'Pokémon Go' is getting raids 5 ways Amazon could use Whole Foods to crush the competition The 13 most annoying Facebook notifications, ranked Google posts Financial Times op The CIA can turn your router into a spy Venezuela accuses Twitter of censoring after government accounts are suspended Nearly 200 million voters exposed in data leak Elon Musk had a 'promising' conversation about tunnels with Los Angeles mayor YouTube broke for a hot sec and the internet couldn't handle it Is video really the future of VR? Too much is never enough on Lorde's vital 'Melodrama' NBC releases unaired episode with one of Adam West 'Powerless 'cameo A firefighter did a Reddit AMA after the London tower fire and it was everything Not just for scares: Horror films like 'It Comes at Night' have something to say Girl Scouts add new cybersecurity badges to promote girls in STEM Chance the Rapper adds ASL interpreters for an inclusive concert experience Ariana Grande shares heartfelt message to fans for their support in wake of Manchester attack Lorde continues to be great by bumming chicken nuggets off of a fan Walmart is definitely buying Bonobos for $310 million Emoji expert documents Britney Spears' first Philippines concert perfectly