Google Chrome extensions targeted by hackers to steal user passwords

Christmas Eve attack sees Cyberhaven Chrome extension hit
Some data could have been exfiltrated, Cyberhaven systems secure
Users are being told to change their passwords

Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive customer data like passwords and session tokens.

In a statement, the data loss prevention company noted the attack showed signs of being part of a “wider campaign” to target other companies, too.

The attack started as many others do – an employee fell for a phishing email and shared their credentials, giving the threat actor access to Cyberhaven’s systems.

Cyberhaven shares details of Christmas Eve attack

More specifically, the attacker obtained the worker’s Google Chrome Web Store credentials, allowing them to post a malicious version of its Chrome extension to the marketplace. Only version 24.10.4 was affected on Chrome-based browsers that auto-updated; the code was active between 1:32 AM UTC on December 25 and 2:50 AM UTC on December 26.

CEO Howard Ting said the compromise was detected by the firm’s security team at 11:54 PM UTC on Christmas Day – it was removed within an hour, noting, “I’m proud of how quickly our team reacted, with virtually everyone in the company interrupting their holiday plans to serve our customers, and acting with the transparency that is core to our company values.”

No other Cyberhaven systems, such as CI/CD processes and code signing keys, were compromised, however users’ cookies and authenticated sessions for certain targeted websites could have been exfiltrated.

Users are now being advised to maintain basic internet hygiene principles, such as ensuring that their extensions are up to date (in this case, version 24.10.5 or newer), reviewing logs for suspicious activity, and revoking or rotating all passwords that aren’t FIDOv2.

The company has already implemented additional security measures to prevent similar future attacks and is actively cooperating with law enforcement.

https://cdn.mos.cms.futurecdn.net/TWkP7ZurZMY6uepDxsK6Ha-1200-80.jpg

Source link

The 7 best projectors at CES 2025

Industrial routers are being hit by zero-days from new Mirai botnets

TCL has 3 new smart glasses which are all in the running for the best of 2025 already

Finally! The Volvo EX30 has solved one of my biggest problems with modern cars

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Google Chrome extensions targeted by hackers to steal user passwords

The 7 best projectors at CES 2025

Industrial routers are being hit by zero-days from new Mirai botnets

TCL has 3 new smart glasses which are all in the running for the best of 2025 already

Finally! The Volvo EX30 has solved one of my biggest problems with modern cars

Leave a reply Cancel reply