Cyberhaven and other companies fall victim to a cyber campaign targeting Chrome extensions
Hackers have compromised several Chrome browser extensions used by different companies in a wave of intrusions that began in mid-December. One of the victims, California-based Cyberhaven, a data protection company, confirmed the breach on December 28. The attack, which occurred on Christmas Eve, affected the company’s Chrome extension designed to monitor and secure client data across web-based applications.
Cyberhaven’s statement referenced cybersecurity experts who suggested that this breach was part of a broader campaign targeting Chrome extension developers across various companies. The company is currently cooperating with federal law enforcement to investigate the attack.
The scope of the hacks remains unclear, but experts believe that several other Chrome extensions—some related to artificial intelligence and virtual private networks—have also been hijacked, suggesting a coordinated effort to collect sensitive data from as many compromised extensions as possible.
Jaime Blasco, cofounder of Nudge Security, reported finding multiple affected extensions, some dating back to mid-December. Browser extensions are commonly used to enhance browsing experiences, such as applying shopping coupons automatically, but in this case, the affected extensions were also designed to secure data and improve security.
