Tech

Hackers Bypass Google Chrome’s 2FA with Malicious Extensions

11
Google Chrome

Hackers have successfully bypassed two-factor authentication (2FA) protections through a series of malicious Google Chrome extensions, putting millions of users at risk.

This ongoing attack, which began in mid-December and continued through the holiday season, primarily targets session cookies to bypass 2FA security measures.

The attack was first reported on December 27, when several companies, including Cyberhaven, were compromised. Hackers used phishing tactics to gain access to the Google Chrome Web Store, where they uploaded a malicious version of the Cyberhaven extension.

This extension was active between December 25 and 26, and it was able to steal session cookies, allowing attackers to bypass 2FA protections.

The attack exploited a flaw where the session cookie created during successful 2FA login was captured and stored by the attackers.

This allowed them to authenticate as the user without needing to bypass the 2FA process directly. Affected users were typically those whose browsers auto-updated to the compromised extension version.

Cyberhaven confirmed that the attack targeted social media advertising and AI platforms, potentially compromising sensitive data.

The malicious extension was removed from the Chrome Web Store within 60 minutes of discovery, and a secure version was deployed for affected users.

Security experts recommend using security keys and passkeys to reduce the impact of such attacks, as they offer stronger protection than traditional 2FA methods.

Users are also urged to verify updates to their Chrome extensions and be cautious when granting third-party app permissions.

Written by
Sazid Kabir

I've loved music and writing all my life. That's why I started this blog. In my spare time, I make music and run this blog for fellow music fans.

Related Articles

Apple Tim Cook
Tech

Why iPhone Users Are Raving About This $0.99 Apple Product

Apple’s best privacy feature might be one you’ve never even heard of—and...

Xbox Copilot for Gaming App
TechApps & Updates

Xbox Copilot for Gaming Arrives on Mobile, Early Testing Begins

Microsoft has begun rolling out an early version of its Xbox Copilot...

Starlink
Tech

Solar Storms Are Killing Starlink Satellites Faster Than Expected

A recent NASA study has revealed that powerful solar storms are causing...

Carl Pei, Nothing CEO
SmartphonesAITech

Nothing CEO Carl Pei Predicts AI-Powered OS Will Replace Apps in 7-10 Years

Carl Pei, the co-founder of Nothing, shared his bold vision for the...