Cyberhaven, which works in the field of data loss prevention, announced that it received an unexpected attack during the holiday period. In the latest incident, it was reported that the extensions developed by the company for Google Chrome were attacked by hackers and information could be leaked.
Cyberhaven’s Google Chrome extension under attack
Cyberhaven, a data loss prevention company, announced a cyber attack targeting Google Chrome extensions over the Christmas period. This incident compromised users’ sensitive information, especially passwords and session histories.
chrome extension
According to Cyberhaven, the starting point of the attack was a phishing email sent by malicious actors to a company employee. This allowed the attacker to compromise authorization credentials in the Chrome Web Store.
The Android Auto software has rolled out a new update, introducing a redesigned music player for platforms like Spotify and YouTube Music.
It then uploaded a compromised version of Cyberhaven’s Chrome extension to the store and kept it active for a while. Speaking about the issue, Cyberhaven CEO Howard Ting said that the company quickly detected the breach and removed it from the Web Store.
Although Cyberhaven’s other systems were not affected by this attack, the company urged users to take some precautions. Accordingly, it recommended keeping extensions up to date (version 24.10.5 or newer), reviewing logs for suspicious activity, and revoking all non-FIDOv2 passwords.
So what do you think about this Chrome extension attack? Do not forget to share your opinions with us in the comments section.
