These Chrome extensions spoof Workday, NetSuite, and others to trick victims – here’s what to look for

  • Socket found five malicious Chrome extensions spoofing HR/ERP platforms
  • Extensions enabled credential theft, session hijacking, and blocked incident response
  • Removed from Chrome Store, but still on third-party sites

If you are using Workday, NetSuite, or SuccessFactors at work, you might want to pay attention to the browser extensions or add-ons you have installed, because you may have inadvertently installed malware.

Security researchers at Socket have warned that they discovered five Chrome extensions spoofing popular human resource (HR) software and enterprise resource planning (ERP) platforms.

The plugins are designed to steal authentication tokens, block incident response capabilities, or grant full account takeover via session hijacking, the researchers explained.

Thousands of victims

Here is the full list of malicious extensions:

DataByCloud Access
Tool Access 11
DataByCloud 1
DataByCloud 2
Software Access

By the time the news hit the web, all five had already been removed from the Google Chrome Web Store. Still, users who installed them earlier won’t be entirely secure until they uninstall the plugins and run a thorough scan to confirm the infection has been cleaned.
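One way to check a Chrome profile for the five names listed above (an added example, not code from Socket or from this article). It relies on Chrome's on-disk layout `<profile>/Extensions/<id>/<version>/manifest.json`; the path to the `Extensions` directory is supplied by the caller, and because the article gives no extension IDs the match is on display name only.

```python
import json
import sys
from pathlib import Path

# Names exactly as listed in the article. No extension IDs are published there,
# so this is a name-only match and will miss a renamed copy.
FLAGGED = {n.casefold() for n in (
    "DataByCloud Access", "Tool Access 11", "DataByCloud 1",
    "DataByCloud 2", "Software Access")}


def _load_json(path):
    """Return the parsed JSON object, or {} if missing, unreadable or malformed."""
    try:
        data = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return {}
    return data if isinstance(data, dict) else {}


def display_name(version_dir):
    """Resolve an extension's name, following __MSG_key__ into _locales."""
    manifest = _load_json(version_dir / "manifest.json")
    name = manifest.get("name", "")
    if not isinstance(name, str):
        return ""
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].casefold()  # message keys are case-insensitive
        locale = str(manifest.get("default_locale", "en"))
        messages = _load_json(version_dir / "_locales" / locale / "messages.json")
        for k, entry in messages.items():
            if k.casefold() == key and isinstance(entry, dict):
                return str(entry.get("message", name))
    return name


def find_flagged(extensions_root):
    """Return (extension_id, version, name) for every installed match."""
    hits = []
    for version_dir in sorted(Path(extensions_root).glob("*/*")):
        name = display_name(version_dir) if version_dir.is_dir() else ""
        if name.strip().casefold() in FLAGGED:
            hits.append((version_dir.parent.name, version_dir.name, name))
    return hits


if __name__ == "__main__":
    for hit in find_flagged(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("FLAGGED", hit)
```

A hit is a reason to remove the extension and review the affected accounts; an empty result does not prove the profile is clean.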

Furthermore, The Hacker News reports that the plugins are still available on third-party software download sites such as Softonic, but we couldn’t independently verify these claims since Softonic’s site seemed to be offline at press time.

Cumulatively, these five add-ons were downloaded 2,739 times, which suggests the campaign was not particularly effective.

Still, Workday, NetSuite, and SuccessFactors are usually used by medium to large organizations, including enterprises and multinational firms, for HR, finance, payroll, and operations teams. A full account takeover in just one such organization can turn into a large-scale cyberattack with millions of dollars of damages and thousands of affected individuals.

To make matters even worse, some of the extensions taken down were first published more than four years ago.

“The combination of continuous credential theft, administrative interface blocking, and session hijacking creates a scenario where security teams can detect unauthorized access but cannot remediate through normal channels,” Socket said.

Read more @ TechRadar