Google Chrome extensions hit in major attack – dozens of developers affected, so be on your guard
Posted by:
John Harrison
Researchers have uncovered a significant supply-chain attack targeting developers of Chrome extensions, leading to the compromise of numerous extensions and potentially millions of users being affected. The cyberattack involves hackers impersonating Google Chrome Web Store support in convincing phishing emails to developers, tricking them into sharing their login credentials. This breach has put users at risk of data theft, identity theft, wire fraud, and other cybercrimes. The attackers have targeted popular extensions including GraphQL Network Inspector, Proxy SwitchyOmega (V3), YesCaptcha assistant, Castorus, and VidHelper among others. To mitigate the risk, users are advised to update or uninstall affected extensions released after December 26, 2024, and reset important account passwords, particularly on platforms like Facebook and ChatGPT. This security threat has alarmed cybersecurity experts, emphasizing the importance of staying vigilant and ensuring the safety of online actions.
Recent Posts1
Civ 7 requirements for PC, Steam Deck, Linux, and Mac
February 5, 2025
Microsoft’s new Surface for Business PCs have AI firmly at the core
February 5, 2025
