News

To Acquire User Passwords, A Cyber Firm’s Chrome Extension Was Taken Over

According to an email sent to impacted customers who might have been the targets of this suspected supply-chain attack, data-loss prevention business Cyberhaven claims that hackers released a malicious update to its Chrome extension that was able to collect session tokens and client passwords.

Although Cyberhaven declined to comment on the incident’s specifics, the company confirmed the cyberattack on Friday. 

According to a company email addressed to consumers, which security researcher Matt Johansen was able to collect and publish. The hackers used a company account to release a malicious update to the Chrome extension early on December 25. 

Customers using the hacked browser extension, according to the email, 

“It is possible for sensitive information, including authenticated sessions and cookies, to be exfiltrated to the attacker’s domain.” 

Cameron Coles, a spokesman at Cyberhaven, did not contest the email’s legitimacy but declined to comment. 

Cyberhaven said in a succinct email that the malicious extension (version 24.10.4) was taken down from the Chrome Web Store after its security team discovered the intrusion in the afternoon of December 25. Soon later, a new, authentic version of the extension (24.10.5) was made available. 

Cyberhaven sells technologies, including browser extensions that let the corporation keep an eye out for potentially harmful activity on websites. That it claims to guard against data exfiltration and other intrusions. As of this writing, the Cyberhaven extension has about 400,000 business customer users, according to the Chrome Web Store.

Read More News

  1. What Is mm2 club in roblox?
  2. How To Get Voice Chat On Roblox?
  3. Apple Was Sued For Discontinuing iCloud’s CSAM Detection

News Source

Avijit Sah

Avijit Sah is a digital marketing expert specializing in SEO, social media, and content strategy. With a passion for helping businesses grow online, Avijit Sah uses data-driven tactics to boost visibility and engagement. Follow Avijit for the latest digital marketing tips and insights.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button