Over 100 Chrome extensions in Web Store target users accounts and data

Over 100 malicious Chrome extensions discovered in the official Chrome Web Store are conducting credential theft, deploying backdoors, and committing ad fraud. These extensions target user accounts by stealing Google OAuth2 Bearer tokens to gain unauthorized access to Google services and user data. The extensions exploit the trust of the official Chrome Web Store to distribute malware at scale. Organizations should review installed browser extensions, enforce least privilege principles for extension permissions, and consider using enterprise browser security solutions to detect and block malicious extensions. Users should be cautious when installing extensions and review permissions carefully before granting access.

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...]

Over 100 malicious Chrome extensions discovered in the official Chrome Web Store are conducting credential theft, deploying backdoors, and committing ad fraud. These extensions target user accounts by stealing Google OAuth2 Bearer tokens to gain unauthorized access to Google services and user data. The extensions exploit the trust of the official Chrome Web Store to distribute malware at scale. Organizations should review installed browser extensions, enforce least privilege principles for extension permissions, and consider using enterprise browser security solutions to detect and block malicious extensions. Users should be cautious when installing extensions and review permissions carefully before granting access. More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...] More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...]