A Google Chrome extension was recently attacked by phishers through spam messages to unsuspected users
Google’s extension, Copyfish, was hijacked and compromised by unknown attackers who have supplied it with “advertisement injection capabilities”.
The Chrome Web Store account of German developer team, a9t9 software, was recently attacked after a team member received phishing emails identical to the Chrome Web Store teams, asking to update Chrome’s Copyfish extension; to push spam and advertisements to its users.
Copyfish has over 37,5000 users, allowing them to withdraw text from images, videos and PDF files.
The attackers then prevented developers from removing the infected extension to its developer account, providing a bit.ly link.
Developers announced that the password screen looked identical to that of Google, although the team did not have proof of its fake password page because of it only appearing once.
According to Hacker News, developers warned: “So far, the update looks like a standard adware hack, but, as we still have no control over Copyfish, the thieves might update the extension another time… until we get it back.
“We can not even disable it — it is no longer in our developer account.”
Users are advised not to install the malicious Chrome extension and delete it if they already have it installed.
Google developer support is also working to provide a9t9 with access to its software.
Written by Leah Alger