Summary

A malicious Google Chrome extension has been identified, targeting data from Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters, is designed to steal sensitive business data, emails, and browsing history.

Key Points

• The extension is called CL Suite by @CLMasters with the ID: jkphinfhmfkckkcnifhjiplhfoiefffl.
• It targets data associated with Meta Business Suite and Facebook Business Manager.
• Marketed as a tool for scraping data, removing verification pop-ups, and generating 2FA codes.
• The discovery highlights the risks associated with browser extensions.

Analysis

This discovery underscores the ongoing threat posed by malicious browser extensions, which can compromise sensitive business data. The extension's ability to target Meta Business Suite and Facebook Business Manager is particularly concerning, given the widespread use of these platforms for business operations. IT professionals should be vigilant in monitoring and managing browser extensions within their organizations.

Conclusion

IT professionals should conduct regular audits of browser extensions used within their networks and educate employees on the risks of installing unverified extensions. Implementing strict policies on extension usage can help mitigate potential threats.