The National Government has issued a critical cybersecurity advisory, alerting Pakistani users about the growing risks associated with certain browser extensions that could potentially compromise their personal data. The advisory focuses on tools like ChatGPT-4, Gemini for Chrome, and other popular browser extensions that have been targeted by hackers to steal sensitive user information.
Targeted Browser Extensions at Risk
The NTISB has identified over 16 compromised browser extensions that may be exposing users to phishing attacks and malicious code. Among the most notable affected tools are:
- AI Assistant – ChatGPT
- Bard AI Chat Extension
- VPNCity
- VidHelper Video Downloader
- Trackker – Online Keylogger Tool
These widely used tools, many of which integrate artificial intelligence and VPN services, have been hijacked by cybercriminals who inject malicious code into the extensions. Once installed, these extensions can harvest users’ personally identifiable information (PII), such as passwords, browsing history, and more.
Rising Threats and Phishing Techniques
The advisory highlights a concerning rise in sophisticated phishing techniques that are being used to exploit the growing use of virtual private networks (VPNs) and AI-powered browser tools. Hackers are reportedly leveraging the trust users place in these widely used services to deliver harmful payloads, bypassing traditional security measures.
Key Recommendations for Protecting Your Data
To help mitigate the risks and protect against potential data breaches, the advisory has outlined several best practices for users:
- Avoid Affected Extensions: Users are urged to stop using compromised extensions and look for trusted alternatives.
- Install Only from Reputable Sources: Ensure that browser extensions are downloaded from verified and reliable platforms like the Chrome Web Store or official developer websites.
- Review Extension Permissions: Before installing any extension, check its permissions and user reviews to ensure that it does not ask for unnecessary access to sensitive information.
- Regular Updates: Always ensure that your extensions are up-to-date to minimize vulnerabilities.
- Remove Unused Extensions: Delete any browser extensions that are no longer needed to reduce potential attack vectors.
- Install Antivirus Software: Maintain up-to-date antivirus software to detect and block malicious activity.
- Be Cautious with Free Extensions: Free extensions, while often appealing, can carry hidden risks. Avoid installing extensions that seem too good to be true.
- Monitor System Activity: Be vigilant and monitor your browser and system for any unusual activity that could indicate an infection.
As digital threats continue to evolve, the advisory emphasizes the importance of proactive measures in safeguarding online privacy. Users are strongly encouraged to stay vigilant and take immediate action to protect their personal data from potential threats.
The advisory serves as a timely reminder of the risks posed by seemingly harmless browser extensions and the importance of maintaining strong cybersecurity hygiene.
