{"id":293721,"date":"2024-12-30T20:27:44","date_gmt":"2024-12-30T19:27:44","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=346423"},"modified":"2025-07-01T15:34:13","modified_gmt":"2025-07-01T22:34:13","slug":"hackers-have-attacked-these-chrome-extensions","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/hackers-have-attacked-these-chrome-extensions\/","title":{"rendered":"Hackers have attacked these Chrome extensions"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Be careful if you are going to install extensions in Google Chrome. Once again, <strong>hackers<\/strong> have managed to <strong>alter<\/strong> some of the extensions available for the browser and add malicious code to them. <\/p>\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"Google Chrome\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-m\/p\/f875d630-96d4-11e6-b152-00163ed833e7\/2579573670\/chrome-logo\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">Google Chrome<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/chrome.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/chrome.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">One of the affected companies, <strong>Cyberhaven<\/strong>, notified its users that its Chrome extension had been <strong>compromised<\/strong> after suffering an attack targeting the &#8220;logins&#8221; of other specific platforms. Additionally, the extensions of <strong>ParrotTalks<\/strong>, <strong>Uvoice<\/strong>, and <strong>VPNCity<\/strong> were also similarly altered, according to <a href=\"https:\/\/www.engadget.com\/cybersecurity\/hackers-injected-malicious-code-into-several-chrome-extensions-in-recent-attack-220648155.html?src=rss&amp;guccounter=1\" target=\"_blank\" rel=\"noopener nofollow\" title=\"Engadget\">Engadget<\/a>. <\/p>\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" src=\"https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/2\/2022\/03\/iStock-Virus-image-e1706113994259.jpg\" alt=\"\" class=\"wp-image-245477\" style=\"width:630px;height:auto\" \/><\/figure>\n\n\n<p class=\"wp-block-paragraph\">In an investigation conducted by Cyberhaven itself, it was revealed that the malicious extension was targeting <strong>Facebook Ads<\/strong> users. The aim was to steal data such as access tokens, user IDs, cookies, and more information. Additionally, the malicious code included a receiver to <strong>log mouse clicks<\/strong>. Cyberhaven explained that the attackers stored the Facebook user ID in the browser and used it to <strong>bypass two-step authentication<\/strong>.<\/p>\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"Google Chrome\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-m\/p\/f875d630-96d4-11e6-b152-00163ed833e7\/2579573670\/chrome-logo\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">Google Chrome<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/chrome.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/chrome.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Be careful if you are going to install extensions in Google Chrome. Once again, hackers have managed to alter some of the extensions available for the browser and add malicious code to them. One of the affected companies, Cyberhaven, warned its users that their Chrome extension had been compromised after suffering an attack targeting the &#8220;logins&#8221; of other specific platforms. Additionally, the extensions of ParrotTalks, Uvoice, and VPNCity were also similarly altered, according to Engadget. In an investigation conducted by Cyberhaven itself, it was revealed that the malicious extension was targeted at users [&hellip;]<\/p>\n","protected":false},"author":9211,"featured_media":293722,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":6},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-293721","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/293721","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9211"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=293721"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/293721\/revisions"}],"predecessor-version":[{"id":310264,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/293721\/revisions\/310264"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/293722"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=293721"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=293721"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=293721"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=293721"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=293721"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=293721"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}