The domains in question were on Cloudflare, and the researchers have noted that they were taken down immediately when Proofpoint flagged them up. The researchers discovered that once the compromised Chrome extension was installed, it waited ten minutes before communicating via HTTPS with a remote Command and Control server.įrom that server, the cybercriminals injected more malicious code (a file called ga.js) into the compromised Chrome extension. News first started to circulate about the cyberattack on 12 August, when Chris Pederick announced on Twitter that hackers had penetrated his popular extension, Web Developer for Chrome.Īt that point, the Proofpoint researchers downloaded the compromised 0.4.9 version in order to isolate the nefarious code that the threat actor had injected. This resulted in hijacking of traffic and exposing users to potentially malicious popups and credential theft.” “At the end of July and beginning of August, several Chrome Extensions were compromised after their author’s Google Account credentials were stolen via a phishing scheme. On this fake login page, they were fleeced of their login details, thus giving the cybercriminals access to the inner workings of the apps. Here is a full list of all the apps that were affected:Īccording to the researchers, the hackers used a simple phishing technique, which redirected app developers to a fake copy of the Google account login page.
Those experts discovered that a relatively simple exploit involving a phishing scheme had given hackers control over a number of Chrome developers’ accounts. The discovery was made by Kafeine, a group of researchers at the cybersecurity firm Proofpoint in California. It's possible that their subscribers were subjected to malicious popups and data theft during the course of the suspected attack in June. The VPNs involved were Betternet and TouchVPN. Security experts at Proofpoint have released information about a recent hack that affected two Virtual Private Networks (VPNs) and eight Chrome apps in total.
0 kommentar(er)
