A recent cyberattack has compromised at least 35 popular Chrome browser extensions, exposing over 2.6 million users to potential data theft and credential vulnerabilities. This campaign targeted extension publishers on the Chrome Web Store through phishing tactics, allowing attackers to insert malicious code into legitimate extensions, ultimately leading to the theft of cookies and user access tokens. Given the significant number of internet users in Nigeria, this incident raises serious concerns about the security of personal data among local users.
Cybersecurity firm Cyberhaven was among the first to identify the breach after an employee fell victim to a phishing attack, which allowed attackers to publish a malicious version of their extension. The phishing email, disguised as a notification from Google Chrome Web Store Developer Support, created urgency by claiming that the extension risked removal due to policy violations. Recipients were lured into granting permissions to a malicious OAuth application, facilitating the upload of harmful code to the Chrome Web Store.
Although some compromised extensions have since been removed or updated, experts warn that the risk persists as long as the malicious versions remain active on users’ devices. Security professionals emphasize that many users, including those in Nigeria, may be unaware of the extensions installed on their browsers or the extent of their permissions, which often include access to sensitive information. As the investigation continues, the need for greater awareness and preventative measures in the Nigerian cyber landscape has never been more critical.
Cybersecurity firm Cyberhaven was among the first to identify the breach after an employee fell victim to a phishing attack, which allowed attackers to publish a malicious version of their extension. The phishing email, disguised as a notification from Google Chrome Web Store Developer Support, created urgency by claiming that the extension risked removal due to policy violations. Recipients were lured into granting permissions to a malicious OAuth application, facilitating the upload of harmful code to the Chrome Web Store.
Although some compromised extensions have since been removed or updated, experts warn that the risk persists as long as the malicious versions remain active on users’ devices. Security professionals emphasize that many users, including those in Nigeria, may be unaware of the extensions installed on their browsers or the extent of their permissions, which often include access to sensitive information. As the investigation continues, the need for greater awareness and preventative measures in the Nigerian cyber landscape has never been more critical.
