Skip to Content
Security & privacy

Watch out! 7 MORE Google Chrome extensions hijacked by malware

Google’s Chrome browser is one of the most popular in the world. One reason it’s so well liked is that it’s easy to customize, thanks to add-on extensions. These are features that modify or enhance your browser experience.

Unfortunately, some of these extensions are under attack by hackers. Keep reading to see a list of those that have been impacted.

Hackers taking control of Chrome extensions

What’s happening is, hackers are sending phishing emails to employees who work for extension publishing companies. The email is purportedly sent from Google, telling the publishing company that its extension needs to be updated immediately or it will be removed from the Chrome Web Store. The message contains a link that reads, “Click here to read more details.”

That link is actually malicious. If the employee falls for the ruse and clicks the link, they are sent to a spoofed Google sign-in page. There, they are asked to enter the credentials to the developer’s account.

This scam was originally discovered a couple weeks ago when developers of the CopyFish extension were successfully targeted. The day after an employee handed over the company’s credentials, the extension was updated, and not by the developer.

Instead, it was updated by the cybercriminals behind the phishing email. The updated version of CopyFish began inserting ads/spam into websites. The developers couldn’t stop it because the scammers took control of the account and blocked them from accessing it.

Now, there are seven more extensions that have been hit by this same attack. Here’s the list of impacted extensions:

  1. Betternet VPN
  2. Chrometana (1.1.3)
  3. CopyFish (2.8.5)
  4. Infinity New Tab (3.12.3)
  5. Social Fixer (20.1.1)
  6. TouchVPN 
  7. Web Developer (0.4.9)
  8. Web Paint (1.2.1)

This incident magnifies how serious of a threat phishing attacks are. Keep reading for some suggestions on how to stay protected.

How to protect against phishing attacks:

More stories you can’t miss:

How to see if your computer needs a security patch

Test your firewall to make sure it’s working

Nasty Locky ransomware is back, and now it’s worse than ever

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me