Crypto M - Crypto News
Your #1 destination for the latest and most unbiased market news on Bitcoin, Ethereum, NFT, Fintech, Web3, DeFi, and Blockchain.
🚀 Researcher Warns Of Malicious Browser Extension Targeting Developers

According to PANews, a cryptocurrency researcher known as @LehmannLorenz on the X platform reported a near-miss incident where his computer was almost compromised by a malicious browser extension. The extension, developed by an unverified source, amassed 1.7 million downloads and a perfect 5/5 star rating within just one day of its release. Upon downloading and examining the extension, everything appeared normal except for an obfuscated 'extension.js' file that ran during installation. Log files indicated that the script eventually encountered an error. It relied on PowerShell execution to operate entirely in memory, leaving no traces on the disk.

In response, SlowMist's Yu Jian stated that this incident represents a supply chain phishing attack targeting Solidity smart contract developers. He emphasized that the editor environment is a high-risk area for supply chain attacks. To mitigate risks, he advised isolating usage as much as possible, avoiding unnecessary installations, and adhering to the principle of 'just enough is enough.' He also recommended using separate computers or virtual machines for more complex tasks to ensure security.


#MaliciousBrowserExtension #CyberSecurity #SupplyChainAttack #SolidityDevelopers #Phishing #BrowserSecurity #CryptocurrencySecurity #SoftwareDevelopment #DeveloperSafety #VirtualMachines
🚀 Malware Targets MacOS Users Through Fake Video Conferencing Apps

According to PANews, researchers have identified a malware attack targeting macOS users that has been active for four months. The attack involves malware disguised as a video conferencing application, which steals passwords from the Keychain, session cookies from browsers like Google Chrome, Brave, and Opera, as well as cryptocurrency wallet information.

Tara Gould from Cado Security Labs revealed that attackers are using AI-generated content to create fake websites and social media accounts, posing as reputable companies. Victims are often approached through platforms like Telegram with discussions of blockchain or cryptocurrency business opportunities. Once the file is installed, users are prompted to enter their macOS password, allowing further data theft.

Security experts advise users to remain vigilant, especially regarding unfamiliar links related to business opportunities. Utilizing protective tools such as Intego VirusBarrier can effectively defend against such threats.


#windows #macos #malware #videoconferencing #cybersecurity #AI #cryptocurrency #dataprotection #passwordsecurity #Keychain #browsersecurity
🚀 Security Alert Issued Over Malicious Ad Campaign Targeting Pudgy Penguins

According to Odaily, Scam Sniffer has issued a security alert after users reported being redirected to a fake Pudgy Penguins website when accessing a Singaporean news portal. Investigations revealed that this is part of a larger malicious advertising campaign. The attack operates as follows: malicious ads are distributed via the Google ad network, which loads suspicious code from Adloox. This code checks for the presence of a web3 wallet and, if detected, redirects the user to the fraudulent Pudgy Penguins site. Currently, the attack targets only Pudgy Penguins users, but the method could easily be adapted for other projects. Users are advised to carefully verify URLs. Preventive measures include enabling ad blockers, using a separate browser for crypto activities, thoroughly checking URLs before connecting wallets, and installing browser security extensions.

#SecurityAlert #MaliciousAds #PudgyPenguins #ScamSniffer #Web3Security #AdBlockers #CryptoSafety #BrowserSecurity
🚀 Security Flaw Found in Claude Chrome Extension

A critical vulnerability has been identified in the Claude Chrome extension, affecting versions below 1.41. According to ChainCatcher, GoPlus cited a report from Koi highlighting this issue.

The flaw allows attackers to use malicious web pages that silently load iframes containing cross-site scripting (XSS) vulnerabilities. These can execute harmful payloads within the a-cdn.claude.ai subdomain, which is on the extension's trusted whitelist. This enables attackers to send malicious prompts to the Claude extension and have them executed automatically, without user consent or interaction, leaving victims unaware.

The vulnerability could allow attackers to manipulate the Claude extension to access users' Google Drive documents, steal business access tokens, or export chat logs. Additionally, it could enable the takeover of current browser sessions to perform sensitive actions, such as sending emails while impersonating the victim.

GoPlus advises users to update the Claude extension to version 1.41 or higher immediately and to remain vigilant against phishing links.


#CyberSecurity #Vulnerability #ChromeExtension #XSS #ClaudeAI #Malware #DataBreach #BrowserSecurity #UpdateRequired #Phishing