Over 100 Chrome extensions in Web Store target users accounts and data
Summary
Over 100 malicious Google Chrome extensions have been discovered in the official Chrome Web Store. These extensions are designed to steal user accounts and data, specifically targeting Google OAuth2 Bearer tokens, and also engage in ad fraud and deploy backdoors.
IFF Assessment
This represents a direct threat to users as malicious extensions actively compromise accounts and steal sensitive data.
Defender Context
This highlights the persistent threat of malicious extensions within legitimate software marketplaces. Defenders need to educate users about the risks of installing third-party extensions and implement browser security policies that restrict or monitor extension installations. Organizations should also consider technical controls to detect and block the exfiltration of sensitive data by compromised extensions.