ISLAMABAD – The National Telecommunication and Information Technology Security Board (NTISB) has warned against a new cyber attack campaign, which targets commonly used browser extensions to steal personal information of users.
“Reportedly, a new attack campaign has been unearthed targeting commonly used browser extensions to steal personal information and credentials of applications used via browser e.g. facebook, banking websites etc,” read the latest Cyber Security Advisory.
The board said hackers sent malicious code through phishing techniques in order to compromise targeted publishers of legitimate extensions; further stealing user’s PII using said extensions.
At least 16 common extensions (including VPN and AI ChatBots) are suspected to be compromised:
AI Assistant — ChatGPT and Gemini for Chrome
Bard AI Chat Extension
GPT 4 Summary with OpenAl
Search CoPilot AI Assistant for Chrome
Wayin AI
VPNCity
Intetnxt VPN
Vidniz Flex Video Recorder
VidHelper Video Downloader
Bookmark Favicon Changer
UVoice
Reader Mode
Parrot Talks
Primus
Trackker — Online Keylogger Tool
AI Shop Buddy
Rewards Search Automation etc.
The board has also issued guidelines for safe usage of all browser extension users. It has advised people to avoid above mentioned extensions for time being and use alternate well reputed options.
It said only trusted extensions should be installed, adding that permissions and ratings should be read and reviewed carefully before download. Following are the further guidelines:
Limit permissions where possible.
Regularly update extensions.
Remove unused extensions.
Use well reputed and licensed Antivirus software.
Be wary of free extensions.
Actively monitor system utilities and data usage for abnormal activity.
