Major Security Breach Hits 35 Chrome Extensions, Endangering 2.6 Million Users
SC World
|
Contributed by: Drex DeFord
Summary
Recent security breaches have compromised at least 35 Google Chrome extensions, affecting around 2.6 million users. The malicious code, initially linked to a phishing campaign against the cybersecurity firm Cyberhaven, has been found to exfiltrate sensitive data. The phishing strategy involved deceptive domains to mislead extension developers, who were tricked into granting unauthorized access via a fraudulent authentication request. This breach specifically targeted Facebook accounts, employing sophisticated methods to bypass two-factor authentication, thus allowing attackers to access critical user information.
