A series of cyberattacks dating back to mid-December has compromised Chrome browser extensions across multiple companies, according to cybersecurity experts and one confirmed victim.
Among those affected is California-based data protection firm Cyberhaven, which disclosed the breach in a statement to Reuters.
“Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension,” the company stated. Cyberhaven also noted public reports from cybersecurity professionals suggesting the attack was part of a broader campaign targeting Chrome extension developers at various companies. The company added, “We are actively cooperating with federal law enforcement.”
Extensions in the Crosshairs
Browser extensions are widely used to enhance web browsing, from applying shopping discounts to securing data. In Cyberhaven’s case, its Chrome extension was designed to monitor and secure client data within web-based applications.
Jaime Blasco, cofounder of Texas-based Nudge Security, reported observing several other Chrome extensions compromised in a similar manner. Blasco noted that at least one extension was targeted as early as mid-December, with affected extensions including those related to artificial intelligence and virtual private networks (VPNs).
Blasco speculated that the attackers aimed to collect sensitive data from as many compromised extensions as possible, indicating a potentially opportunistic and broad-reaching campaign.
Unclear Impact
The geographic scope and overall impact of the breaches remain uncertain. The incidents underscore the vulnerabilities of browser extensions, which are often relied upon for both personal convenience and professional security.
Cybersecurity experts recommend heightened vigilance and regular updates for developers and users to mitigate the risks posed by such attacks.