Warning: Cyberhaven's browser plug-ins were implanted with malicious code, and multiple plug-ins were attacked
AabyssTeam founder Yu X issued a security warning that Cyberhaven security company was attacked by a phishing email, which led to the implantation of malicious code in the browser extension it released, attempting to read the browser cookies and passwords uploaded by users. Subsequent analysis of the code found that multiple browser extensions were attacked, including Proxy SwitchyOmega (V3), which affected 500,000 users on the Google Store and has now been addressed. SlowMist founder Yu Xian forwarded the warning and said that this type of attack uses the OAuth2 attack chain, obtaining the "extension publishing permission" of the "target browser extension" developer, and publishing an extension update with a backdoor. Each time the browser is started or the extension is reopened, the update may be automatically triggered, and the backdoor implantation is difficult to detect. Remind wallet extension program publishers not to be careless.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
DAILY Investor Community issues legal statement against fraudulent issuance of Daily Mail
Reciprocal tariffs may be coming, but markets don’t care much just yet
Advisers have been instructed to come up with new tariff levels that consider fees and taxes placed on US exports
Here’s How Much Shiba Inu You Need to Become a Millionaire If SHIB Hits $0.0004, $0.006 or $0.03
US media: TSMC may take over Intel's chip manufacturing business
Trending news
MoreCrypto prices
More
