Cyber startup employee hacked to distribute malicious Chrome extension

Tags

External References

• https://therecord.media/
• https://www.linkedin.com/
• https://otx.alienvault.com/

Description

Several Chrome extensions have been compromised, including those related to Cyberhaven. The affected extensions are linked to multiple suspicious domains resolving to the same IP address as cyberhavenext[.]pro. Some confirmed compromised extensions are listed with their corresponding URLs. Users are advised to search for these extensions in their environments and monitor for any traffic to the IP address 149.28.124[.]84. This information suggests a widespread attack targeting browser extensions, potentially putting users' data and privacy at risk.

Date