Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#1 2017-08-23 14:08:17
- Algaris
- Member
- From: England
- Registered: 2006-01-27
- Posts: 548
Chrome Extension attacks used to steal Cloudflare credentials
I know some people here use Cloudflare so I thought I’d share this link:
https://www.wordfence.com/blog/2017/08/chrome-browser-extension-attacks/
In June, July and August, developers of the following Chrome extensions had their login credentials stolen through a phishing attack. The extensions affected are:
- Web Developer – Versions 0.4.9 affected
- Chrometana – Version 1.1.3 affected
- Infinity New Tab – Version 3.12.3 affected
- CopyFish – Version 2.8.5 affected
- Web Paint – Version 1.2.1 affected
- Social Fixer 20.1.1 affected
- TouchVPN appears to have been affected but the version is unclear
- Betternet VPN also appears to have been affected but no version was provided
Once a victim installed a compromised Chrome extension, the extension would steal Cloudflare credentials if the victim has a Cloudflare account. The extension did this by making a request to a URL on Cloudflare to get an API key.
Last edited by Algaris (2017-08-23 14:11:34)
Offline