Bookmark Article
Hackers gained access to admin accounts through a phishing campaign and modified several Chrome extensions with malicious code, targeting specific social media advertising and AI platforms. Cyberhaven, a cybersecurity company, was compromised on December 24, along with other extensions like ParrotTalks, Uvoice, and VPNCity. Cyberhaven advised customers to revoke and rotate passwords after discovering the attack aimed at stealing Facebook Ads user data, including access tokens and user IDs, with a mouse click listener added. The breach was detected on December 25, and a clean version of the extension was released within an hour.
Full Article
