Recent Phishing Attacks Target Google Chrome Extensions, Spread Adware to 1 Million Users
Browser extensions help us out with our grammar, they allow us to video chat online, they even permit us to play games. Their intent is to extend the functionality of a web browser. Unfortunately, they’re also being leveraged by cybercriminals to extend the functionality of their own malicious campaigns. In fact, this past week we’ve seen a wave of phishing attacks aimed at the developers of popular browser extensions for Google Chrome. Cybercriminals are conducting these attacks in order to hijack these extensions and use them to spread adware to innocent users.
So, what do these attacks look like exactly? One campaign saw cybercriminals compromising the Chrome Web Store account of a German developer team in order to hijack the “Copyfish” extension, which is a browser extension that performs optical character recognition. After gaining control of the extension, the crooks then modified “Copyfish” with ad-injection capabilities to distribute spam correspondence to users.
The second attack we’ve seen features the popular Chrome extension “Web Developer,” which adds a toolbar button to a browser that includes various web developer tools. Once they got inside the creator’s account, cybercriminals used the popular plug-in to their advantage, directly injecting adware into the web browser of its 1 million users.
Though adware is largely just an annoyance for innocent users, the larger issue with this attack is that cybercriminals can now potentially access users’ web account info. Since these plugins have access to pretty much everything that’s happening on a user’s browser and can do anything from reading all website content to intercepting traffic, it’s important users start thinking about protection. Therefore, to stay secure from these types of attacks, follow these tips:
- Keep an eye out for phishing. Even though developers were the ones phished in this case, this attack is another crucial reminder for all of us to be wary and keep on the lookout for a phishing scam. Make sure to be cautious when an unknown source is requesting access to your accounts, and if a suspicious or unknown email comes through, don’t click on it.
- Update all extensions. Remember that all bugs and potential threats are typically addressed with each update. Therefore, developers have most likely fixed whatever code has been compromised in these attacks and included those fixes in the latest version of their extension. So always double check that you’re running the most up-to-date version of any extension you use.
- Change your passwords to your web accounts. If these cybercriminals have snooped on your browser, there’s risk that they might’ve discovered your login info to web accounts. So, change your password immediately to prevent cybercriminals from having any future access.
- Stay secure while you browse. Sometimes it’s hard to identify whether a website is full of malicious activity, or is being snooped on by a cybercriminal. So, add an extra layer of security to your browser, and surf the web safely by utilizing McAfee WebAdvisor.
The post Recent Phishing Attacks Target Google Chrome Extensions, Spread Adware to 1 Million Users appeared first on McAfee Blogs.
More antivirus and malware news?
- In wake of Appelbaum fiasco, Tor Project shakes up board of directors
- LinkedIn introduces, quickly says goodbye to email service that sparked security concerns
- Trial of two men accused of $20m hacked press release fraud begins
- Hackers and makers to meet in Amsterdam at HITB #Haxpo
- Personal weather stations can expose your Wi-Fi network
- RARSTONE Found In Targeted Attacks
- Hackers Can Steal Cryptocurrency From Air-Gapped Wallets: Researcher
- NSA’s Decade-Long Plan to Undermine Encryption Includes Backdoors, Stolen Keys, Manipulating Standards
- Java 7 Update 10 allows users to restrict the use of Java in browsers
- Resolved: Adobe Connect Service Meeting Room Problems