Over 100 Chrome extensions in Web Store target users' accounts and data
EXECUTIVE SUMMARY
Over 100 Malicious Chrome Extensions Threaten User Security
Summary
More than 100 extensions in the Chrome Web Store have been identified as malicious, targeting users by stealing Google OAuth2 Bearer tokens, deploying backdoors, and engaging in ad fraud.
Key Points
- Over 100 malicious Chrome extensions have been discovered in the official Chrome Web Store.
- These extensions are designed to steal Google OAuth2 Bearer tokens.
- The extensions also deploy backdoors on user systems.
- They are involved in ad fraud activities.
Analysis
This discovery highlights a significant security threat within the Chrome Web Store, a trusted source for browser extensions. The ability of these extensions to steal OAuth2 tokens and deploy backdoors poses a severe risk to user data and system integrity. The involvement in ad fraud further indicates a broader malicious intent, potentially affecting a large number of users.
Conclusion
IT professionals should immediately review and audit installed Chrome extensions within their organizations. It is recommended to remove any suspicious or unnecessary extensions and monitor for unauthorized access attempts or unusual network activity.
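One way to start the audit recommended above, as an added example that is not part of the original report: a Python script that walks a Chrome profile's Extensions directory and flags extensions whose manifest declares grants worth a manual look. The permission list and the default Linux profile path are assumptions made for this example, not indicators from the report.

```python
import json
import sys
from pathlib import Path

# Assumption: review heuristics chosen for this example, not report indicators.
# "identity" backs chrome.identity, which hands Google OAuth2 tokens to an extension.
SENSITIVE = {"identity", "cookies", "webRequest", "scripting", "debugger",
             "nativeMessaging", "management", "tabs"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
GRANT_KEYS = ("permissions", "optional_permissions",
              "host_permissions", "optional_host_permissions")

def audit_manifest(manifest: dict) -> dict:
    """Return the review-worthy grants declared in one manifest.json."""
    grants = set()
    for key in GRANT_KEYS:
        grants.update(g for g in manifest.get(key, []) if isinstance(g, str))
    for script in manifest.get("content_scripts", []):
        grants.update(script.get("matches", []))  # page access via match patterns
    row = {
        "name": manifest.get("name", "?"),
        "version": manifest.get("version", "?"),
        "sensitive": sorted(grants & SENSITIVE),
        "broad_hosts": sorted(grants & BROAD_HOSTS),
        "declares_oauth2": "oauth2" in manifest,
    }
    row["needs_review"] = bool(
        row["sensitive"] or row["broad_hosts"] or row["declares_oauth2"])
    return row

def audit_profile(extensions_dir: Path) -> list:
    """Walk <profile>/Extensions/<extension id>/<version>/manifest.json."""
    findings = []
    for path in sorted(extensions_dir.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        if isinstance(manifest, dict):
            findings.append({"id": path.parent.parent.name, **audit_manifest(manifest)})
    return findings

if __name__ == "__main__":
    # Default: Linux path of Chrome's first profile; pass another Extensions dir as argv[1].
    default = Path.home() / ".config/google-chrome/Default/Extensions"
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else default
    for row in audit_profile(target):
        if row["needs_review"]:
            print(json.dumps(row))
```

A flagged row is a prompt for review, not a verdict: many legitimate extensions request these grants, so compare each flagged ID against what the organization has approved.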