Yazılar

Hackers Target Multiple Companies’ Chrome Extensions in Widespread Campaign

/in /tarafından

Hackers have compromised a variety of companies’ Chrome browser extensions in a series of cyberattacks that began in mid-December, according to affected firms and cybersecurity experts. One confirmed victim, Cyberhaven, a California-based data protection company, revealed the breach in a statement to Reuters on Friday.

“Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension,” the company said. It referenced cybersecurity experts’ findings, which indicated the breach was part of a broader campaign targeting Chrome extension developers across multiple organizations. The company also confirmed it is cooperating with federal law enforcement authorities in its investigation.

Browser extensions, often used to enhance user experience through features like auto-applying coupons or improving data management, were exploited in this campaign to compromise sensitive data. Cyberhaven’s Chrome extension is specifically designed to help monitor and secure client data across web-based applications.

Jaime Blasco, cofounder of Nudge Security in Austin, Texas, noted that Cyberhaven is not an isolated case. He identified several other compromised extensions, some impacted as early as mid-December. These included extensions related to artificial intelligence and virtual private networks (VPNs), suggesting an opportunistic approach aimed at collecting as much sensitive data as possible from a wide range of sources.

Blasco said, “I’m almost certain this is not targeted to Cyberhaven. If I had to guess, this was just random.”

The geographical reach of the campaign remains unclear. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) declined to comment, referring inquiries to the affected companies. Alphabet, the parent company of Google and maker of the Chrome browser, did not immediately respond to requests for comment.

This incident highlights the vulnerabilities associated with browser extensions and the potential for malicious actors to exploit them for broad data collection efforts. Experts urge developers and users alike to exercise caution and maintain robust security measures for extensions to prevent similar breaches.

 

JAL’s Systems Restored After Cyberattack Causes Flight Delays

/in /tarafından

Japan Airlines (JAL) announced on Thursday that its systems were fully restored after a cyberattack earlier in the day disrupted domestic and international flights. The incident affected internal and external systems, prompting the airline to suspend same-day ticket sales temporarily.

The attack began at 7:24 a.m., causing malfunctions linked to a router, which JAL identified and resolved by shutting it down. Ticket sales for flights departing on Thursday resumed once the issue was addressed.

JAL confirmed that no customer data was leaked during the incident and reported no damage from computer viruses. Meanwhile, ANA Holdings, Japan’s other major airline, stated that its systems were unaffected by the cyberattack.

The disruption at JAL follows a similar incident earlier this week when American Airlines briefly grounded all flights for an hour on Christmas Eve due to a technical issue involving network hardware, affecting thousands of travelers.

 

US Judge Finds Israel’s NSO Group Liable for Hacking in WhatsApp Lawsuit

/in /tarafından

A U.S. judge has ruled in favor of Meta Platforms’ WhatsApp in a lawsuit against Israel’s NSO Group, finding the company liable for exploiting a vulnerability in WhatsApp’s messaging app to install spyware, enabling unauthorized surveillance. U.S. District Judge Phyllis Hamilton of Oakland, California, granted WhatsApp’s motion and found NSO liable for hacking and breach of contract. The case will now proceed to trial, but only to determine the amount of damages.

WhatsApp’s head, Will Cathcart, hailed the ruling as a victory for privacy, stating that spyware companies could no longer hide behind immunity or avoid accountability for unlawful actions. A spokesperson for WhatsApp expressed their gratitude for the decision, reaffirming the company’s commitment to protecting users’ private communications.

Cybersecurity experts, including John Scott-Railton from Citizen Lab, welcomed the ruling as a landmark decision with significant consequences for the spyware industry. He noted that the ruling clarifies that NSO Group is responsible for violating numerous laws, as the company could no longer evade accountability for its actions.

WhatsApp sued NSO in 2019, accusing it of using a vulnerability to access WhatsApp’s servers and install Pegasus spyware on users’ devices. The lawsuit claimed the intrusion enabled the surveillance of 1,400 individuals, including journalists, human rights activists, and dissidents. NSO had defended itself by arguing that its technology was intended to help law enforcement and intelligence agencies combat crime and terrorism.

Despite this defense, NSO failed in its attempt to secure “conduct-based immunity,” which protects foreign officials acting in their official capacity. The 9th U.S. Circuit Court of Appeals upheld the decision in 2021, and the U.S. Supreme Court declined to hear NSO’s appeal, allowing the lawsuit to move forward.