Summary
Key Points:
- Main threat/vulnerability/incident: A Brazilian operator has developed 126 malicious Chrome extensions that collectively have 148,000 installations, secretly harvesting WhatsApp user data and ad cookies.
- Impact assessment and affected systems: The extensions, while appearing as separate products, are part of a single platform (wascript.com.br) that compromises user privacy by collecting sensitive information from WhatsApp users.
- Recommended actions or mitigations: Users should immediately remove any suspicious Chrome extensions, particularly those associated with the identified names, and review their browser security settings. Organizations should consider implementing monitoring solutions to detect unauthorized data exfiltration.
Technical Details: The malicious extensions are designed to operate under the guise of legitimate applications while covertly transmitting user data to the operator's servers.
MITRE ATT&CK Techniques: None mentioned
IOCs Mentioned:
- wascript.com.br (domain associated with the malicious extensions)
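A static triage pass for the removal and monitoring recommendations above, as an added example that is not part of the original report: it walks a Chrome profile's `Extensions` directory (laid out as `<extension id>/<version>/manifest.json`) and flags any extension whose files reference the listed domain. The function names and sample extensions are constructed for illustration, and a clean result only means the string was not found in the files on disk.

```python
import json
import tempfile
from pathlib import Path

IOC_DOMAIN = "wascript.com.br"      # the IOC listed on this page
WHATSAPP_HOST = "web.whatsapp.com"  # WhatsApp Web origin

def audit_extensions(root):
    """Scan <root>/<extension id>/<version>/ and return one finding per flagged extension."""
    findings = []
    for manifest_path in sorted(Path(root).glob("*/*/manifest.json")):
        ext_dir = manifest_path.parent
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        # Case-insensitive search for the domain in the extension's text assets.
        hits = [f.relative_to(ext_dir).as_posix()
                for f in sorted(ext_dir.rglob("*"))
                if f.is_file() and f.suffix in {".js", ".json", ".html"}
                and IOC_DOMAIN in f.read_text(encoding="utf-8", errors="ignore").lower()]
        if hits and isinstance(manifest, dict):
            findings.append({
                "id": ext_dir.parent.name,
                "name": manifest.get("name", ""),
                "ioc_files": hits,
                "targets_whatsapp": WHATSAPP_HOST in json.dumps(manifest),
                "cookie_access": "cookies" in manifest.get("permissions", []),
            })
    return findings

def build_sample(root):
    """Constructed test data: one extension that references the IOC, one clean."""
    samples = {
        "a" * 32: ({"name": "Sample WA helper", "permissions": ["cookies"],
                    "host_permissions": ["https://web.whatsapp.com/*"]},
                   'fetch("https://WAScript.com.br/")'),
        "b" * 32: ({"name": "Sample notes", "permissions": ["storage"]},
                   'console.log("ok")'),
    }
    for ext_id, (manifest, script) in samples.items():
        ext_dir = Path(root, ext_id, "1.0_0")
        ext_dir.mkdir(parents=True)
        (ext_dir / "manifest.json").write_text(json.dumps(manifest))
        (ext_dir / "background.js").write_text(script)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit_extensions(tmp))
```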