PSA: 4.8 Million Affected by Chrome Extension Attacks Targeting Site Owners
August 17, 2017
In June, July and August, developers of the following Chrome extensions had their login credentials stolen through a phishing attack. The extensions affected are:
- Web Developer – Versions 0.4.9 affected
- Chrometana – Version 1.1.3 affected
- Infinity New Tab – Version 3.12.3 affected
- CopyFish – Version 2.8.5 affected
- Web Paint – Version 1.2.1 affected
- Social Fixer 20.1.1 affected
- TouchVPN appears to have been affected but the version is unclear
- Betternet VPN also appears to have been affected but no version was provided
Based on total installs for these extensions, the attackers targeted a total of 4.8 million users. The developers of these Chrome extensions all had their account credentials compromised….
This allows an attacker to perform any action as the victim. This includes accessing any website the victim is signed into and modifying the content of any web page that the victim views. Once an attacker has control of one of your Chrome extensions, they own your web browser.