Security News > 2023 > July > Cyberattacks through Browser Extensions – the Importance of MFA
The extension enabled threat actors to monitor browser history, take screenshots, and inject malicious scripts that targeted cryptocurrency exchanges.
Multiple malicious extensions target user installations, leading to a real danger of data exfiltration and system compromise.
Users may need to scrutinize the installation process more closely since these extensions are downloaded from traditionally trusted sources, such as Google and Microsoft's Visual Studio Code extension repository.
Previously legitimate extensions or packages may be sold to an unscrupulous group that allows a user to be silently compromised from a formerly trusted source.
What can an IT department and a user do to protect themselves? One approach is to vet extensions and packages and use allow-lists to proactively limit what a user can install.
These applications can range from extensions to packages that can auto-update and appear legitimate.