Cybersecurity researchers have revealed dozens of attacks on Chrome extensions, a week after a security company (Cyberhaven) was breached in a similar incident.
As of Wednesday, a total of 36 Chrome extensions injected with data-stealing code have been detected. These extensions are mainly related to artificial intelligence (AI) tools and virtual private networks (VPNs), according to an analysis by ExtensionTotal, a platform that analyzes extensions from various marketplaces.
Collectively used by approximately 2.6 million people, these extensions include third-party tools such as ChatGPT for Google Meet, Bard AI Chat, YesCaptcha Assistant, VPNCity and Internxt VPN.
Some of the affected extensions have already fixed the problem by removing the compromised extensions from the store or updating them, according to ExtensionTotal's analysis.
We currently do not know if all compromised extensions are linked to the same hacker.
But security researchers warn that browser extensions "should not be used thoughtlessly" as they have deep access to browser data such as authenticated sessions and highly sensitive information.
Extensions are easily updated and often not subject to the same scrutiny as traditional software.
ExtensionTotal recommends that companies use only pre-approved extension versions and ensure that they are protected from malicious automatic updates.
"Even if we trust the developer of an extension, it's important to remember that each version can be completely different from the last," the researchers said.
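One way to check ExtensionTotal's recommendation in practice is to compare what is installed against a list of approved extension versions. The script below is an added example, not code from ExtensionTotal or the article. It assumes the on-disk layout `<Extensions>/<extension id>/<version dir>/manifest.json`, and every id and version in it is constructed sample data.

```python
import json
import tempfile
from pathlib import Path

def installed_versions(extensions_dir):
    """Map extension id -> set of versions read from each manifest.json on disk."""
    found = {}
    # Assumed layout: <Extensions>/<extension id>/<version dir>/manifest.json
    for manifest in Path(extensions_dir).glob("*/*/manifest.json"):
        ext_id = manifest.parent.parent.name
        try:
            version = str(json.loads(manifest.read_text(encoding="utf-8-sig"))["version"])
        except (OSError, ValueError, KeyError, TypeError):
            version = "<unreadable>"  # report it instead of silently skipping
        found.setdefault(ext_id, set()).add(version)
    return found

def audit(extensions_dir, approved):
    """Return sorted (ext_id, version, reason) for installs outside the allowlist."""
    findings = []
    for ext_id, versions in installed_versions(extensions_dir).items():
        for version in versions:
            if ext_id not in approved:
                findings.append((ext_id, version, "extension not approved"))
            elif version not in approved[ext_id]:
                findings.append((ext_id, version, "version not approved"))
    return sorted(findings)

# Constructed sample data: made-up ids and versions, not real extensions.
APPROVED = {"a" * 32: {"1.4.0"}, "b" * 32: {"2.0.1"}}
SAMPLE_INSTALLS = [("a" * 32, "1.4.0"), ("a" * 32, "1.5.0"),  # 1.5.0 = silent update
                   ("b" * 32, "2.0.1"), ("c" * 32, "0.9")]    # "c..." never reviewed

def demo():
    """Build the constructed profile in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for ext_id, version in SAMPLE_INSTALLS:
            vdir = Path(root) / ext_id / f"{version}_0"
            vdir.mkdir(parents=True)
            (vdir / "manifest.json").write_text(json.dumps({"version": version}))
        return audit(root, APPROVED)

if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="  ")
```

The check detects drift after the fact. It does not stop an automatic update from being installed.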