If you rely on browser add-ons to make work easier, this will serve as a bit of a wake-up call 😬
A group of malicious browser extensions have recently been discovered by security researchers. At first glance they appear to be helpful, they work as intended, and yet they quietly spy on everything you do.
This effects millions of people across Chrome, Edge and Firefox.
The latest campaign is nicknamed ‘Zoom Stealer’.
It mimics legitimate professional tools like Zoom, or Google Meet.
Once installed, it doesn’t behave in a way that raises suspicion.
Everything looks above board. It does what it should and even has good reviews.
But it’s quietly doing things in the background, like collecting:
- Meeting links
- Meeting IDs and passwords
- Who’s attending
- Topics and descriptions
- Webinar registration details
All the information that would be useful to eavesdrop, impersonate someone, or plan a targeted attack.
A browser extension is a lightweight add-on you can install on your web browser.
They can often see the pages you visit and what you type. This is what makes them so useful for those with bad intentions.
Like many cyber-attacks, this campaign hides behind trust.
The extension itself behaves and works as expected. It doesn’t break anything or set off any alarm bells.
However, in the background, it quietly sends data to attackers.
This is not an isolated incident either.
The same group is responsible for multiple campaigns that have used similar tricks, hijacking searches, stealing data, and even taking control of browsers.
So, what can we do?
First: Minimise the extensions to only what is necessary. Every add-on is a potential access point to your digital workspace.
Second: Limit extensions to those from vendors you trust.
And third: Change your passwords if you have to remove a suspicious extension. Especially for your emails and anything linked to money.
Cyber criminals tend to go where people feel safe. And browser add-ons fit that criteria right now.
🤔 Do you have a lot of extensions installed on your browser?
Leave a comment!