Browser extensions are very useful, but they can also sometimes pose a danger to user data. According to what emerges in the last few hours, the hackers would compromise some of the add-ons available for Google Chrome, putting nearly 5 million users at risk.
The disturbing breach was reported by Kafeine, a researcher at Proofpoint, a well-known expert in cybersecurity solutions. From the news it appears that the cybercriminals - whose name continues to remain shrouded in mystery at the moment - were able to fool the developers extensions taken by storm, using phishing emails. With the data obtained, the hackers would then insert the malicious code into the add-ons involved. This is the second case in a few weeks, which brings the number of violated extensions to 8. And always using, apparently, the same perfidious trick.
The risks for users
The breaches are worrying as users who downloaded the modified add-ons risk some of their personal data ending up in the hands of hackers. In particular, through compromised extensions, hackers could steal victims' credentials. And not only. The altered applications would be able to replace legitimate advertisements with unsolicited malicious banners chosen by cybercriminals. In addition, the suspected extensions may cause error pop-ups to appear, which when opened direct users to other malicious sites.
The compromised extensions
As mentioned, at the moment 8 extensions would be compromised. The list includes: Copyfish, the first to be identified, Chrometanta 1.1.3, Web Paint 1.2.1, Social Fixer 20.1.1, Infinity New Tab 3.12.3, Web Developer 0.4.9 and also Touch VPN and Betternet VPN.
How Hackers Affected
The method used by the hackers responsible for the breaches is phishing. The developers of the Chrome extensions would receive an email. Through the deceptive message, the cybercriminals were able to obtain the login credentials of the applications. Subsequently, the authors of the compromise would have altered the source code of the extensions, by inserting parts of malicious code inside.
Chrome extensions under attack, over 5 million users at risk