
    Cyberhaven’s Chrome Extension Compromised in Attack to Steal User Data

    By EchoCraft AI, December 28, 2024

    A targeted cyberattack has compromised the Chrome extension of Cyberhaven, a data-loss prevention startup, exposing user credentials and session tokens to potential misuse.

    The breach, which affected version 24.10.4 of the extension, was detected on December 25 and has raised alarms about the security of browser extensions and their role in enterprise systems.

    Breach Details and User Risks

    Hackers infiltrated Cyberhaven’s systems by compromising an administrator account, enabling them to publish the malicious update. Users who downloaded the affected version faced risks including:

    • Data Exfiltration: Attackers could access session tokens, authenticated cookies, and other sensitive data.
    • Security Bypass: With session tokens, attackers could potentially circumvent two-factor authentication and gain unauthorized access to user accounts.

    In an email to customers, Cyberhaven outlined these risks and provided mitigation steps, emphasizing the need for immediate action to protect sensitive information.

    Cyberhaven’s Swift Response

    Cyberhaven’s security team identified and removed the malicious extension from the Chrome Web Store within hours. A clean version, 24.10.5, was released promptly to replace the compromised update.

    The company has enlisted the expertise of Mandiant, a leading incident response firm, and is cooperating with federal law enforcement agencies to investigate the breach.

    Cyberhaven has committed to revising its security practices to prevent similar incidents in the future.

    Recommended Actions for Affected Users

    To mitigate potential fallout, Cyberhaven has urged users to:

    • Change Credentials: Revoke and rotate passwords, API tokens, and other text-based credentials.
    • Monitor Logs: Examine browser and system logs for unusual activity.
    • Secure Stored Data: Reassess and update credentials saved in the browser for other accounts.

    Wider Implications of the Attack

    This breach is not an isolated incident but part of a broader campaign targeting multiple Chrome extensions. Other compromised tools include:

    • Internxt VPN: Over 10,000 users affected.
    • VPNCity: A privacy-focused VPN with 50,000 users.
    • Uvoice: A survey-based rewards service with 40,000 users.
    • ParrotTalks: A productivity tool used by 40,000 users.

    In each case, attackers injected malicious code to steal sensitive user data and execute remote commands.

    Insights from Security Experts

    Security researcher Jaime Blasco from Nudge Security noted that these attacks appear opportunistic, targeting developer accounts rather than specific companies.

    The attackers leveraged stolen credentials to publish malicious updates across various extensions, exploiting weak points in the Chrome extension ecosystem.

    Blasco’s analysis revealed that the malicious code enabled data collection across diverse extension categories, including AI tools, VPNs, and productivity apps.

    Supply Chain Attack Raises Security Concerns

    The incident highlights systemic vulnerabilities in browser extension security. With extensions often granted deep access to browser data, their compromise can lead to widespread data breaches.

    Cyberhaven’s use of a single admin account for the Chrome Web Store, as revealed in its communication, underscores the need for stricter security measures.

    Broader Industry Impact

    The attack emphasizes the importance of robust security protocols for both developers and businesses:

    • Developers: Must implement stronger authentication, such as multi-factor protocols, and monitor accounts for suspicious activity.
    • Businesses: Should regularly audit third-party tools and enforce policies to limit browser extension permissions.
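The log-review and extension-audit recommendations above can be partly automated. This added example (not Cyberhaven's or the article's code) inventories a Chrome profile's extensions, flags the compromised version 24.10.4 named in the article, and lists broad permission grants. It assumes Chrome's `Extensions/<id>/<version>_N/manifest.json` on-disk layout; the extension ID is a placeholder because the article does not give one, and the sample manifests are constructed.

```python
import json
import tempfile
from pathlib import Path

# Version comes from the article; the extension ID is a placeholder (the article gives none).
WATCHLIST = {"EXTENSION_ID_PLACEHOLDER": {"24.10.4"}}
# Grants that expose cookies, traffic or every site to the extension.
BROAD = {"cookies", "webRequest", "<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_profile(profile_dir):
    """Inventory <profile>/Extensions/<id>/<version>_N/manifest.json entries."""
    findings = []
    for path in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        ext_id = path.parts[-3]
        try:
            # utf-8-sig tolerates a byte-order mark at the start of the file
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            manifest = None
        if not isinstance(manifest, dict):
            findings.append({"id": ext_id, "version": None, "status": "unreadable", "broad": []})
            continue
        version = str(manifest.get("version", ""))
        requested = set()
        for key in ("permissions", "host_permissions", "optional_permissions"):
            value = manifest.get(key)
            if isinstance(value, list):
                requested.update(p for p in value if isinstance(p, str))
        status = "compromised" if version in WATCHLIST.get(ext_id, ()) else "ok"
        findings.append({"id": ext_id, "version": version, "status": status,
                         "broad": sorted(requested & BROAD)})
    return findings

def build_sample_profile(root):
    """Write constructed sample manifests (not real extensions) under root."""
    samples = {
        "EXTENSION_ID_PLACEHOLDER/24.10.4_0": '{"version": "24.10.4", "permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]}',
        "constructedsampleid/1.2.0_0": '{"version": "1.2.0", "permissions": ["storage"]}',
        "constructedbrokenid/0.1_0": "{not json",
    }
    for rel, body in samples.items():
        target = Path(root) / "Extensions" / rel
        target.mkdir(parents=True)
        (target / "manifest.json").write_text(body, encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_profile(build_sample_profile(tmp)):
            print(finding)
```

An "unreadable" result deserves manual review rather than being treated as clean, since the audit could not confirm which version is installed.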

    Federal Involvement

    Cyberhaven is actively working with U.S. federal law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA) to determine the extent of the attack. While the campaign’s geographical reach remains unclear, its implications are global.

    This incident serves as a wake-up call for the tech industry to address supply-chain vulnerabilities in browser extensions.

    Strengthening account security, conducting regular audits, and fostering awareness among users and businesses are essential steps to prevent future breaches.

    As investigations continue, the spotlight is on how companies and developers can bolster defences to safeguard digital ecosystems against sophisticated cyber threats.
