Urgent Alert: Cybersecurity Firm’s Chrome Extension Hijacked – Here is what to know.

  • Home » Urgent Alert: Cybersecurity Firm’s Chrome Extension Hijacked – Here is what to know.
Apple
Featured News Latest News Latest Vulnerabilities Recommended News Technology , , , , ,

Urgent Alert: Cybersecurity Firm’s Chrome Extension Hijacked – Here is what to know.

Discovery of the Breach

In a recent cybersecurity incident, a Chrome extension developed by Cyberhaven, a data loss prevention company, was hijacked to steal users’ sensitive information. The breach was discovered on Christmas Eve when a threat actor successfully executed a phishing attack on an administrator account for the Google Chrome store.

Using this access, the attacker published a malicious version of the Cyberhaven extension, version 24.10.4, which included code capable of exfiltrating authenticated sessions and cookies to the attacker’s domain.

malware-1200x630-1-1024x538 Urgent Alert: Cybersecurity Firm's Chrome Extension Hijacked - Here is what to know.

Swift Detection and Response

Cyberhaven’s internal security team detected the attack within an hour and promptly removed the malicious package. A clean version, 24.10.5, was published on December 26.

Users of the compromised extension were advised to update to the latest version, revoke passwords that aren’t FIDOv2, rotate all API tokens, and review browser logs for any signs of malicious activity.

Wider Implications

The incident highlights the growing threat of malicious browser extensions. Cybersecurity researchers, including Jaime Blasco from Nudge Security, found that the malicious code snippet was also injected into other Chrome extensions around the same time.

Users of these extensions were advised to either remove them or upgrade to a safe version published after December 26.

Importance of Proactive Measures

This breach serves as a reminder of the importance of regularly updating software and being vigilant about potential phishing attacks. Cyberhaven’s swift response and transparent communication with its customers helped mitigate the impact of the attack.

However, it underscores the need for continuous monitoring and proactive measures to protect against such threats.

Conclusion

While the Cyberhaven incident was quickly contained, it serves as a cautionary tale for both users and developers of browser extensions. Staying informed about the latest security threats and taking appropriate precautions can help prevent similar incidents in the future.

You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it

Share this content:

Tag

Related Posts

Post Comment