In a recent cybersecurity advisory, Pakistan’s National Telecommunication and Information Security Board (NTISB) has issued a warning regarding a new attack campaign that targets users of widely used browser extensions. This emerging threat involves the compromise of legitimate browser extensions to steal personal data, including sensitive credentials for social media accounts and banking platforms.
According to the NTISB’s advisory, hackers have successfully injected malicious code into at least 16 commonly used browser extensions. These extensions, which include a variety of AI-powered tools, VPN services, and video downloaders, are used by millions of individuals worldwide. The malicious actors are utilizing phishing techniques to compromise the extension publishers themselves, allowing them to access users’ private information once the compromised extensions are installed.
Some of the affected extensions include popular AI tools like “AI Assistant – ChatGPT and Gemini for Chrome,” the “Bard AI Chat Extension,” and the “GPT 4 Summary with OpenAI.” Other compromised extensions include “VPNCity,” “Internxt VPN,” “Vidniz Flex Video Recorder,” and “VidHelper Video Downloader.” In addition, extensions related to bookmarking, voice services, reading modes, and automation tools have also been flagged as potentially compromised.
As this attack campaign continues to unfold, the NTISB strongly urges users to be cautious about the extensions they install on their browsers. It is particularly important for users to avoid using the affected extensions and to seek out well-reputed alternatives. The advisory emphasizes the importance of verifying the legitimacy of each extension, particularly by checking user ratings and permissions before installation. In some cases, users may want to reconsider granting certain permissions, especially if they seem excessive for the extension’s functionality.
The NTISB has also provided several recommendations to help users minimize the risk of falling victim to this cybersecurity threat. Among the key recommendations is the need to keep all installed browser extensions up to date. Security patches often address vulnerabilities that can be exploited by hackers, so maintaining up-to-date software is critical in preventing such attacks. Users are also advised to remove extensions they no longer use, as these can become potential entry points for malicious activity.
Furthermore, the advisory underscores the importance of using well-known and licensed antivirus software. Such software can help identify and neutralize threats before they can cause significant harm. Users should also be wary of free extensions, which tend to carry a higher security risk compared to paid, vetted alternatives.
Another critical recommendation in the advisory is continuous monitoring of system utilities and data usage. By staying alert to any abnormal activity, users can spot potential breaches and unauthorized access early, preventing extensive damage. The NTISB stresses that proactive measures, such as regularly reviewing browsing activity and permissions, can be instrumental in protecting users’ sensitive data.
In conclusion, the NTISB urges all users to exercise caution when interacting with browser extensions. As the number of cyber threats continues to grow, following these best practices will help protect personal information from malicious actors. The advisory serves as a timely reminder of the importance of cybersecurity hygiene in today’s increasingly digital world.
