FBI WARNING: Cyber Criminals Targeted Web Browser Extensions to distribute malware

  • Important Security Notification!The FBI has observed cyber criminals targeting web browser extension (WBE) developers as intrusion vectors during spearphishing campaigns, allowing for distribution of malware to end users.Popular WBEs can be used to block intrusive pop-ups and advertisements, store sensitive website credentials, and customize the web browser’s user interface.Cyber criminals increasingly select WBEs as an intrusion vector because of the trust a victim puts into them and the WBEs’ ability to autoupdate, pushing malicious code to the victim without notification. By hacking WBE developer accounts, cyber criminals exploit victims with the WBE already installed, removing the social engineering required to convince a victim to download a malicious WBE.What you should do:
    • Limit the installation of web browser extensions as much as possible.
      Extensions are software add-ons for customizing a web browser. Browsers typically allow a variety of extensions, including user interface modifications, ad blocking, cookie management, etc….

    Be very aware of the following:

    • Permissions requested by browser extensions when installing, or after updates.
    • Advertisements that seem out of the ordinary of typical web browsing use.
    • Unexpected website redirections and new homepages while using the web browser. They could be indications that you have an infected WBE. Call our Support Team immediately.

     

    If you experience any of the above,
    you could have an infected WBE.

    Call our Support Team if you have any
    questions or concerns. 908-707-9696