ShadyPanda’s Extension Exposé: A 7-Year Browser Blunder Unmasked!
ShadyPanda strikes again! This elusive threat actor has managed to turn seemingly harmless browser extensions into sinister data-gathering spyware. Thanks to some sneaky updates and a dash of trust from Google, they’ve amassed over 4.3 million installations. Beware the once-legit Clean Master and WeTab. Time to uninstall and change those passwords!
Hot Take:
ShadyPanda has been busy turning browser extensions into their personal spy network! Who knew productivity apps could have a side hustle as secret agents? Google and Microsoft must be feeling like they’ve been outsmarted by a panda with a penchant for espionage. Who’s ready for a browser extension shakedown?
Key Points:
- A threat actor known as ShadyPanda ran a seven-year browser extension campaign, amassing over 4.3 million installations.
- Five legitimate extensions were maliciously altered in mid-2024, enabling remote code execution and data exfiltration.
- The extensions engaged in affiliate fraud and browser control, including search query redirection and cookie exfiltration.
- Google-verified extension “Clean Master” was used to build user trust before distributing malicious updates.
- Users are advised to remove affected extensions and change passwords due to potential credential theft risks.
Already a member? Log in here