Chrome Extensions & Blockchain Malware: New Threats You Need to Know
This week brought two major security stories that highlight how attackers are getting smarter about staying hidden. Whether you're a casual browser user or managing enterprise security, these threats deserve your attention.
108 Malicious Chrome Extensions Are Stealing Your Data Right Now
Researchers just discovered over 100 fake Chrome extensions that have already infected around 20,000 people. These aren't random attacks—they're part of an organized operation being sold as a service to other criminals. The extensions do three nasty things: steal your Google login credentials, secretly record your Telegram messages every 15 seconds, and open mysterious websites in the background whenever you restart your browser. All of these extensions were tied back to just two criminal operations, and the attackers are literally running an online shop selling access to this infrastructure. If you use Chrome, it's worth checking your installed extensions right now and removing anything suspicious.
New Malware Uses Blockchain to Build an Unstoppable Command Center
A brand new infostealer called Omnistealer is exploiting an innovative attack technique: hiding its control instructions inside blockchain transactions where law enforcement and security teams can't shut it down. The malware spreads through fake freelance job offers on LinkedIn and GitHub, and it targets everything—your password managers, crypto wallets, browser data, and cloud storage credentials. Researchers estimate it's already compromised roughly 300,000 credentials from financial firms, defense contractors, and even US government employees. This is significant because it shows criminals are evolving beyond traditional takedown methods, making this much harder to stop.
Stay ahead of threats with GOCO Security at gocosecurity.com
.jpg)
Comments
Post a Comment