popular Chrome extension hijacked by hackers
Over the past few years, it was known among cyber criminals that they would buy web extensions, modify them by injecting advertisements into websites to generate revenues. However, in recent events, it has become clear that hackers are currently shifting from investing to phishing attacks in order to hijack popular browser extensions.
A popular chrome extension named “Web Developer” used by approximately 1 million users has been hijacked by an anonymous source. Chris Pederick, the creator of Web Developer announced that his Goggle Account was targeted by a phishing attack and compromised. The extension was updated by the attacker to version 0.4.9 by injecting advertisements into all of the users’ browsers. Firefox version was not affected but the modified code fetched Java Script code from the web in order to inject the advertisements.
Furthermore, the modified version enables the attacker to have access to everything on the user’s browser such as reading and intercepting traffic or sniff keystrokes. Chris Pederick noticed the malicious build and took it down within 4-6 hours from the chrome store.
Users are urged to update to version 0.5, change password of t heir web accounts, nullify login tokens and cookies.