ISLAMABAD – The National Telecommunication and Information Technology Security Board (NTISB) has warned against a new cyber attack campaign, which targets commonly used browser extensions to steal personal information of users.

“Reportedly, a new attack campaign has been unearthed targeting commonly used browser extensions to steal personal information and credentials of applications used via browser e.g. facebook, banking websites etc,” read the latest Cyber Security Advisory.

The board said hackers sent malicious code through phishing techniques in order to compromise targeted publishers of legitimate extensions; further stealing user’s PII using said extensions.

At least 16 common extensions (including VPN and AI ChatBots) are suspected to be compromised:

AI Assistant — ChatGPT and Gemini for Chrome

Bard AI Chat Extension

GPT 4 Summary with OpenAl

Search CoPilot AI Assistant for Chrome

Wayin AI

VPNCity

Intetnxt VPN

Vidniz Flex Video Recorder

VidHelper Video Downloader

Bookmark Favicon Changer

UVoice

Reader Mode

Parrot Talks

Primus

Trackker — Online Keylogger Tool

AI Shop Buddy

Rewards Search Automation etc.

The board has also issued guidelines for safe usage of all browser extension users. It has advised people to avoid above mentioned extensions for time being and use alternate well reputed options.

It said only trusted extensions should be installed, adding that permissions and ratings should be read and reviewed carefully before download. Following are the further guidelines:

Limit permissions where possible.

Regularly update extensions.

Remove unused extensions.

Use well reputed and licensed Antivirus software.

Be wary of free extensions.

Actively monitor system utilities and data usage for abnormal activity.