When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
Dec 30, 2024
Browser Security / GenAI Security
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure (LayerX, one of the companies involved in protecting against malicious extensions is offering a complimentary service to audit and remediate organizations' exposure - to sign-up click here ). While this is not the first attack to target browser extensions, the scope and sophistication of this campaign are a significant step up in terms of the threats posed by browser extensions and the risks they pose to organizations. Now that details of the attack have been publicized, users and organizations need to assess their risk exposure to this attack and to browser extensions in general. This article is aimed at helping organizations understand t...