
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

A coordinated campaign of 18 malicious browser extensions infected 2.3 million users across Chrome and Edge. These extensions, including a color picker tool, appeared legitimate with verified badges and high install counts. The RedDirection campaign implemented sophisticated browser hijacking mechanisms, capturing users' browsing data and potentially redirecting them to malicious sites. The malware was introduced through version updates of previously clean extensions, exploiting the auto-update feature of browsers. The campaign demonstrates systemic failures in marketplace security, verification processes, and trust signals, turning productivity tools into surveillance malware. Users are advised to remove affected extensions and monitor their accounts for suspicious activity.

OPENCTI LABELS:

chrome, supply chain attack, edge, browser extension, reddirection, trust exploitation, verification bypass

