Malicious Chrome extensions in the Google Web Store

Updated 11/25/2022: Malicious Chrome extensions

Google has removed two Roblox-themed Chrome extensions from the official Web Store after it discovered that recent updates placed malicious code in users’ browsers that stole their Roblox account credentials. The incident appears to be related to several reports from Roblox users who had some of their game inventory stolen in the past few days. More than 200,000 users have installed the extensions. Read more: Backdoored Chrome extension installed by 200,000 Roblox players

Updated on 11/24/2022

SearchBlox, a Chrome browser extension, was found with a backdoor that can steal Roblox credentials and Rolimons assets. It has been installed more than 200,000 times. Read more: Backdoored Chrome extension installed by 200,000 Roblox players

Overview

Group-IB found that at least 34 unique Russian-speaking threat actors stole 50,350,000 account passwords from 896,000 infections between January and July. Read more: Professional Thieves: Opportunistic Scammers Targeting Steam, Roblox, and Amazon Users in 111 Countries

Also Read:  The free Fallout 76 Nuka-World on Tour update is now live

Leave a Comment