Cyberhaven Hacked – Chrome Extension With 400,000 users Compromised

Cyberhaven, a prominent cybersecurity company, disclosed that its Chrome extension With 400,000+ users was targeted in a malicious cyberattack on Christmas Eve 2024, as part of a broader campaign affecting multiple Chrome extension developers.

CEO Howard Ting announced the incident in a detailed transparency report, outlining the attack’s scope and the company’s response.

The breach occurred when attackers successfully executed a phishing attack, compromising an employee’s Google Chrome Web Store credentials.

The threat actors leveraged these credentials to deploy a malicious version (24.10.4) of Cyberhaven’s Chrome extension.

The company’s security team identified the compromise at 11:54 PM UTC on December 25 and swiftly removed the malicious package within 60 minutes.

The security incident’s impact was relatively contained, affecting only users who had their Chrome-based browsers auto-update between 1:32 AM UTC on December 25 and 2:50 AM UTC on ...