CP
cyberpings
BreachesHIGH

Malicious Chrome Extensions Expose Users to Data Theft

THThe Hacker News
Chromemalwaredata theftbrowser extensionsQuickLens
🎯

Basically, two Chrome extensions became harmful after their ownership changed, allowing hackers to steal data.

Quick Summary

Two Chrome extensions have turned malicious after their ownership changed. Users are at risk of data theft and code injection. Google is working to remove the harmful extensions, but immediate action is needed.

What Happened

Imagine downloading a handy tool for your browser, only to find out it’s secretly a thief. Recently, two popular Google Chrome extensions turned malicious after their ownership was transferred. This sneaky move allowed attackers to inject harmful code and steal sensitive data? from unsuspecting users.

The extensions, originally developed by a user named "akshayanuonline@gmail.com" (BuildMelon), include QuickLens and another unnamed tool. Once the ownership changed, the new operators exploited these extensions to push malware? to users, compromising their data security. This situation raises serious concerns about the safety of browser extensions? and the potential risks they pose to everyday internet users.

Why Should You Care

You might think that browser extensions? are harmless, but they can be like inviting a stranger into your home. When you install an extension, you’re granting it access to your browsing data and personal information. If the extension turns malicious, it can easily harvest your passwords, bank details, and other sensitive data?.

Think of it like this: If someone took over your favorite coffee shop and started serving toxic drinks, you wouldn’t know until it was too late. The same goes for these extensions. They can operate quietly in the background, collecting your information without you even realizing it. This incident serves as a reminder to be cautious about what you install on your browser.

What's Being Done

Google is aware of the situation and is working to remove the malicious extensions from the Chrome Web Store. If you have these extensions installed, it’s crucial to take immediate action. Here’s what you should do right now:

  • Uninstall the affected extensions from your browser.
  • Change your passwords for any accounts you accessed while using the extensions.
  • Monitor your accounts for any suspicious activity.

Experts are keeping a close eye on this situation to see if more extensions fall victim to similar ownership transfer?s. The takeaway? Always be vigilant about the tools you use online, as they can become threats in an instant.

💡 Tap dotted terms for explanations

🔒 Pro insight: This incident highlights the vulnerabilities in extension ownership transfer, prompting a need for stricter controls in the Chrome Web Store.

Original article from

The Hacker News

Read Full Article

Share

Related Pings

HIGHBreaches

Starbucks Data Breach - 889 Employees Affected

A data breach at Starbucks has affected 889 employees, raising concerns about data security and privacy. Immediate actions are needed to protect sensitive information. Stay alert and monitor your accounts closely.

Security Affairs·
HIGHBreaches

Loblaw Data Breach - Customer Information Exposed

Loblaw has disclosed a data breach impacting customer information, including names and emails. This raises serious concerns about data security in retail. Customers should stay alert for potential scams.

SecurityWeek·
HIGHBreaches

Starbucks Data Breach Exposes Personal Info of 889 Employees

Starbucks has reported a data breach affecting 889 employees due to phishing attacks. Personal information, including Social Security numbers, was exposed. The company is offering identity protection services to those affected.

Security Affairs·
HIGHBreaches

Hacker Accidentally Exposes FBI's Epstein Files

What Happened A foreign hacker accidentally accessed a server containing sensitive materials related to the FBI's investigation into Jeffrey Epstein. This incident occurred when the hacker discovered a trove of emails, images, and documents that appeared to contain child abuse materials. Shocked by the content, the hacker left a message threatening to report the findings to the FBI, unaware

Wired Security·
HIGHBreaches

Telus Digital Confirms Major Data Breach by ShinyHunters

What Happened Telus Digital, the digital services arm of Canadian telecommunications giant Telus, has confirmed that it suffered a significant data breach. This announcement follows allegations from the notorious cybercrime group, ShinyHunters, who claimed to have exfiltrated nearly 1 petabyte of data over several months. The breach reportedly involved the use of credentials obtained from a previous hack of

SC Media·
HIGHBreaches

Bank Leak Exposes Customer Data Amid AI Security Concerns

What Happened In a significant breach of trust, Lloyds, Halifax, and Bank of Scotland customers experienced a shocking privacy violation. Customers were able to see other users' transactions within their banking apps. This incident highlights a serious confidentiality failure, raising concerns about how secure our financial information really is. The breach is not the result of a hack but

SC Media·