Over 260,000 Google Chrome users have inadvertently downloaded fake AI assistants that deliver malicious extensions capable of stealing login credentials and monitoring emails. Cybersecurity researchers from LayerX identified over 30 such extensions, referring to the operation as “AiFrame.” Notably, some extensions, like ‘AI Assistant,’ which mimicked Anthropic’s Claude AI, were even featured in the Chrome Web Store, enhancing their legitimacy. These fraudulent tools employed a technique called “extension spraying,” allowing them to evade takedowns by quickly replacing removed extensions. The malicious software uses full-screen iframes, enabling attackers to load remote content and exfiltrate data from users’ browsers and Gmail accounts. While many harmful extensions have been removed, users who downloaded them remain at risk. LayerX cautioned that these extensions function as “general-purpose access brokers,” posing serious threats to user privacy and security. For more information, Infosecurity has reached out to Google.
Source link
Share
Read more