Widespread cyberattack targets Google Chrome extensions, compromises 2.6 million devices

A cyberattack on Chrome extensions affects 2.6 million devices.

: A cyberattack targeted Google Chrome extensions, compromising data from 2.6 million devices. Cyberhaven's extension was among those affected, exploited via spear-phishing. Researchers found the attack extended to 19 other extensions, with 1.46 million downloads affected.

Cybersecurity experts have discovered a large-scale cyberattack affecting Google Chrome extensions, resulting in the compromise of approximately 2.6 million devices. The initial discovery was made by Cyberhaven when malicious code was found in their extension due to an attack beginning on Christmas Eve.

Attackers used sophisticated spear-phishing techniques to exploit a vulnerability in Chrome Web Store’s developer authentication system. It was found that at least 33 extensions were compromised, involving custom domains and the harvesting of credentials to issue malicious payloads.

This attack is part of a greater trend, with connections to a 2019 campaign affecting four million devices. Discussions have begun on securing browser extensions, with recommendations like implementing a browser asset management list suggested.