Security alerts are sounding as five malicious Chrome extensions have been discovered actively pilfering sensitive data from critical business platforms like Workday, NetSuite, and SuccessFactors. These insidious extensions are designed to infiltrate corporate environments, enabling cybercriminals to hijack user sessions, disable security measures, and gain unauthorised access to confidential company and employee information. The threat landscape for businesses has significantly expanded, with browser extensions emerging as a major vector for sophisticated attacks.
The identified extensions, including names such as DataByCloud Access, Tool Access 11, and Software Access, operate stealthily once installed. Their capabilities are alarming: they can steal session tokens and cookies, effectively allowing attackers to take over corporate accounts without needing additional credentials. Furthermore, they can manipulate the Document Object Model (DOM) to block administrative panels and exfiltrate data directly to attacker-controlled servers, often masquerading as legitimate API endpoints. This stolen traffic is channelled to domains like api.databycloud[.]com and api.software-access[.]com, serving as command centres for the compromised sessions.
The operational impact of such breaches is substantial, ranging from facilitating internal fraud and leaking confidential information to gaining access to payroll data and executing unauthorised transactions on critical business platforms. Organisations with basic security controls or lacking active browser monitoring are particularly vulnerable. To combat these threats, experts strongly recommend a proactive approach: regularly auditing installed extensions, enforcing software restriction policies, deploying EDR solutions with browser visibility, and crucially, enhancing user awareness regarding the risks associated with extensions. Following the identification of these malicious extensions, it is advised to reset passwords, review suspicious access logs, and verify the status of affected accounts. This ongoing trend underscores that the browser has become a critical cybersecurity battleground for corporations, demanding protection that extends beyond traditional endpoint security measures.
Artículos relacionados de LaRebelión:
- CrashFix Chrome Malware Oculto en Extensiones
- EV Roadside Fixes Beat Petrol New Data Debunks Fears
- Instagram Data Leak Millions of User Details on Dark Web
- APT28 Russian Hackers Target Energy Policy Data
- VVS Stealer Discord Browser Data Thief Revealed
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario