Google Chrome, arguably the world’s most popular web browser has come under attack last week from hackers who have managed to compromise eight of its extensions which are readily available on the Chrome Web Store.
It’s believed that hackers compromised one of the extensions to start off with and the rest followed suit. Things started off with the CopyFish extension being hacked, modified and spam being sent to its users and contacts. Shortly followed by the hijacking of the extension, Web Developer, which was updated to inject malicious adverts into the web browsers of 1 million of its users. Within a short and similar time frame the TouchVPN and Betternet VPN extensions were reported to have also been hacked.
The following Chrome extensions were compromised by the hackers:
- Chrometana (1.1.3)
- Infinity New Tab (3.12.3)
- CopyFish (2.8.5)
- Web Paint (1.2.1)
- Social Fixer (20.1.1)
- Web Developer
- TouchVPN
- Betternet VPN
The hackers’ main avenue of success was to gain access to the developer’s Google Web accounts and start sending out phishing emails to its contacts with malicious links to steal account credentials – making their job easier to hijack other extensions. Once the attackers gained access to the accounts, they either hijacked their respective extensions and then modified them to perform malicious tasks, or they added malicious Javascript code to them in an attempt to hijack traffic and expose users to fake ads and password theft in order to generate revenue.
At the time of writing, the identity of the hackers is unknown and we urge customers to never click on links inside of an email unless you are 100% of the source. We feel this isn’t the last we will hear of this as the potential for hackers to cause more damage is huge – there have been reports of the hackers already replicating the web extensions with malicious versions so we will keep you posted with further updates. In the meantime we advise everyone to put a temporary halt to downloading Google Chrome web extensions until the malicious extensions have been taken off the store.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditation’s from the worlds leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK are always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.