Certain extensions of Google’s browser, Chrome, were used in a massive cyberattack with the intention of stealing user data.
The extensions involved are legitimate tools. They were hacked by cyber hackers who proceeded to release an “update” of the tool in the Google Store, which contained the spyware. The incident occurred on December 25, being a bitter gift from Santa Claus for the affected companies.
Among the affected extensions were Cyberware, ironically a data security tool, and Internxt VPN and VPN City, private network services. Also Uvoice, a rewards service in exchange for user data, and ParrotTalks, a notes tool that was also used to steal the information of thousands of people.
While most of these apps are relatively small, Cyberware has customers at large companies like Motorola, Canon, and Reddit, meaning that these companies’ information was compromised.
Further investigation revealed more than 15 other extensions that were injected with this malicious code, several of which have already been removed from the Web Store to mitigate the effect of this attack.
Users of these extensions are recommended to remove them from the browser or update to a secure version released after December 26, after ensuring that the publisher is aware of the security issue and has fixed it.
Via: Bleeping Computer