• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime
Phishing Scam

Popular Chrome extension hacked to deliver adware

August 1st, 2017 Uzair Amir Security, Malware, Phishing Scam, Scams and Fraud 0 comments
Popular Chrome extension hacked to deliver adware
Share on FacebookShare on Twitter

Copyfish extension of Google Chrome lets users extract textual content from PDF files, images, and videos. It is a widely used extension having over 37,500 users. Reportedly, this particular extension has been hacked by phishing specialists after they managed to compromise the account of German developer team a9t9 at Chrome Web Store.

Copyfish chrome extension

[irp posts=”51188″ name=”Chrome Users Beware- Do Not Fall Prey to Missing Font Malware Campaign”]

Now they are using this extension for distribution of spam messages for trapping innocent users. The perpetrators of this attack are yet unknown, but it is clear that they have inserted advertisement injection capabilities in the extension.

A9t9 software stated that the hacking suspicion emerged when a member of the team received a phishing email that looked just like the one usually sent by Chrome Web Store’s team. It stated that the recipient must update their Copyfish Chrome extension or else Google will be removing it from its Web Store.

The recipient was asked to select the “Click here to read more details” button that opens a Google password dialog box. The password is to be entered at a bit.ly link. The recipient, a member of a9t9 software, was viewing the email in HTML format. Therefore, he did not receive any warning message and continued to enter the password from his developer account.

It was identified that hackers had replicated the password screen immaculately as it looked the same as on Google. At this point, the developer team had not suspected phish attack because “Chrome extension was simply not on [their] radar screen.”

[fullsquaread][/fullsquaread]

Popular Chrome app hacked to deliver adware

Screenshot of the phishing page (Image Credit: A9t9)

After the team member entered credentials of a9t9 software’s developer account the Copyfish extension was updated to the hacker’s version, which was version 2.8.5. This version is sending spam messages and ads to its users.

It must be noted that only the Chrome version of Copyfish is hacked whereas its Firefox version is safe. The attackers prevented the developers of extension from eliminating the infection by moving the extension. This is why Copyfish developers still have no control over it, and they suspect that the hackers may update the extension later. It is identified that the hack attack occurred on 28th July.

Developers issued an official statement as well, which read: “So far, the update looks like standard adware hack, but, as we still have no control over Copyfish. We cannot even disable it—as it is no longer in our developer account.”

Google has been contacted and notified by a9t9, and the tech giant is already working on ensuring that the company can access its software. A9t9 software also urged users to stop installing any version of Copyfish for the time being and delete it if they have installed.

At the time of publishing this article, the Copyfish extension was deleted from Chrome web store.

[irp posts=”53980″ name=”Bug Lets Chrome Stealthily Record Audio and Video”]

  • Tags
  • Chrome
  • Fraud
  • Google
  • hacking
  • internet
  • Malware
  • Phishing
  • Privacy
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Dutch Police Nabs Romanian Gang for Stealing $590K worth of iPhones
Next article Svpeng Android Banking Trojan Tweaked with Keylogger Feature
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
World's Most 'Resilient Malware' Botnet Emotet Taken Down

World's Most 'Resilient Malware' Botnet Emotet Taken Down

Top Cybersecurity Threats to Watch in 2021

Top Cybersecurity Threats to Watch in 2021

Database of 176 million Pakistani mobile phone users sold online

Database of 176 million Pakistani mobile phone users sold online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
NetWalker ransomware disrupted - Cryptocurrency and domain seized
Cyber Crime

NetWalker ransomware disrupted - Cryptocurrency and domain seized

43
Transferring Whatsapp data from iPhone to Android with MobileTrans
How To

Transferring Whatsapp data from iPhone to Android with MobileTrans

29
World's Most 'Resilient Malware' Botnet Emotet Taken Down
Cyber Crime

World's Most 'Resilient Malware' Botnet Emotet Taken Down

85

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us