Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday August 13 2017, @01:59PM   Printer-friendly
from the why-not-block-the-spam? dept.

Google's security team has sent out warnings via email to Chrome extension developers after many of them have been the targets of phishing attacks, some of which have been successful and resulted in crooks taking over extensions.

These phishing attacks have come into the limelight this past week when phishers managed to compromise the developer accounts for two very popular Chrome extensions — Copyfish and Web Developer.

The phishers used access to these developer accounts to insert adware code inside the extensions and push out a malicious update that overlaid ads on top of web pages users were navigating.

According to new information obtained by Bleeping Computer, these attacks started over two months ago and had been silently going on without anyone noticing.

All phishing emails contained the same lure — someone posing as Google was informing extension developers that their add-on broke Chrome Web Store rules and needed to be updated.

The extension developer was lured onto a site to view what was the problem and possibly update the extension. Before seeing the alert, the site asked extension developers to log in with their Google developer account, a natural step when accessing a secure backend.

The login page was identical to the real Google account login page, and this is how the owners of the Copyfish and Web Developer extensions compromised their accounts.

Source:

https://www.bleepingcomputer.com/news/security/chrome-extension-developers-under-a-barrage-of-phishing-attacks/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by cubancigar11 on Monday August 14 2017, @10:32AM (1 child)

    by cubancigar11 (330) on Monday August 14 2017, @10:32AM (#553584) Homepage Journal

    Ah. I see what you are saying. I was like, where did MS come from :)

    You are of course right. But phishing is not really OS problem. The email lead developers to a password harvesting website. Once you have handed over login password, anything is possible. PEBKAC is PEBKAC but we can at least make it just as easy as browsers, right?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by urza9814 on Thursday August 17 2017, @11:31AM

    by urza9814 (3954) on Thursday August 17 2017, @11:31AM (#555230) Journal

    Hmm...I agree it's not an OS problem, but it's certainly a Microsoft problem.

    I just checked in Outlook (at work) and I can't find any way to determine who actually sent a mail. It'll show the name they want you to see, but not the actual source. If I'm at home (Thunderbird) or on my phone (K-9 Mail) I just click 'show headers' and it shows it. On Outlook if you click 'show headers' it...hides the part where it shows you the name the sender wants you to see. I can't see any obvious way to show their actual address. That's the absolute first thing I do whenever I come across a suspicious message, to check the true source address and what mailservers it came though; the fact that Microsoft doesn't readily give users access to that information certainly makes it harder to handle these kinds of spam and phishing messages.