Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Cybersecurity researchers have identified a malicious Google Chrome extension, CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), that is actively stealing sensitive business data, emails, and browsing history. The extension is deceptively marketed as a tool for scraping Meta Business Suite data, removing verification pop-ups, and generating two-factor authentication (2FA) codes, but it actually compromises user information from platforms like Facebook Business Manager.

This discovery highlights the risks posed by seemingly legitimate browser extensions that can exploit user trust to access confidential business and personal data. Users are advised to exercise caution when installing extensions, verify their sources, and regularly review their browser security settings to prevent such threats.

Key Takeaways

Malicious Chrome extension CL Suite steals business data, emails, and browsing history
Extension is marketed as a tool for Meta Business Suite scraping and 2FA code generation
Threat exploits user trust in browser extensions to access sensitive information
Users should verify extension sources and maintain browser security

Source: The Hacker News

Press ESC to close

Key Takeaways

Share Article:

Tarang Parmar

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

npm’s Update to Harden Their Supply Chain, and Points to Consider