Everything you need to know about the recent compromises of some popular Chrome extensionsAugust 25th, 2017
For the last few weeks, more Chrome browser extension developers have become the target of an unknown attacker or group of attackers who have being able to break into their account and change the browser add on codes for malicious purposes.
More users worldwide are being affected by this malicious attack, and the number of Google Chrome extensions which have been compromised is growing. According to Proofpoint (a security vendor), the following Chrome browser extensions have already being hacked and compromised:
- Chrometana 1.1.3
- Web Developer 0.4.9
- Web Paint 1.2.1
- Infinitely New Tab 3.12.3
- Social Fixer 20.1.1
- CopyFish 2.8.5
What are the risks
These particular phishing attempts have been already resolved, but it is still unclear who the attacker is and which add ons could be affected by this malicious code injection in the future.
Since Google Chrome is the single most popular Internet browser in the world, there is no doubt that every such illegitimate intervention in the coding of a popular browser app can lead to immense profits for the attackers and to a lot of headaches and losses for the browser app developers, so some serious investigations are being made in order to find those responsible and to limit their activities and future access to the browser add on codes and functionality.
Even worse, illegitimate access to a plugin from Chrome can allow access to just about anything which takes place in the browser, including: traffic interception, keystroke recording and reading website content by enabling the malware-ridden software in the browser.
What can be done to limit the risks
Even though most developers managed to pull out and repair the hacked extensions, some such as the team behind the popular Copyfish app are still cautioning their millions of users worldwide that they are still not in control of their browser extension, and are working on getting it back and returning it back to its normal functioning. The team of developers has confessed that they do not have the proper access to stop the extension from functioning at this point.
Google has been working closely with the developers to help them get back their access to the Chrome browser extension in order to fix the damage and restore its original functioning.
Hopefully, the Internet giant and the world of browser add on developers will team up and work extensively to find those responsible and to limit future attacks and malicious interferences.
Now you have the information you don't want to order CRM Software — Customer experience feedback