Chrome Extension With Over One Million Users Hijacked to Serve Adware
▻https://www.bleepingcomputer.com/news/security/chrome-extension-with-over-one-million-users-hijacked-to-serve-adw
The developer of a very popular Google Chrome extension has regained access over his tool after an unknown hacker had managed to hijack his developer account and push a malicious version that contained adware.
The extension’s name is Web Developer, a tool developed by Chris Pederick, Director of Engineering at Bleacher Report. The extension overlays a popup with various debug tools that developers can use when building or editing their websites.
Over the weekend, someone compromised another Chrome extension in the same way. The owners of Copyfish — on OCR extension for Google Chrome — also fell for a phishing email and someone took over their developer account. The hijackers did the same thing and used the developers’ account to push a malicious update that inserted ads on the websites Copyfish users were trying to view.