These Chrome extensions spoof Workday, NetSuite, and others to trick victims - here's what to look for

(Image credit: Google)

Socket found five malicious Chrome extensions spoofing HR/ERP platforms
Extensions enabled credential theft, session hijacking, and blocked incident response
Removed from Chrome Store, but still on third-party sites

If you are using Workday, NetSuite, or SuccessFactors at work, you might want to pay attention to the browser extensions or add-ons you have installed, because you may have inadvertently installed malware.

Security researchers Socket have warned of discovering five Chrome extensions, spoofing popular human resource (HR) software and enterprise resource planning (ERP) platforms.

The plugins are designed to steal authentication tokens, block incident response capabilities, or grant full account takeover via session hijacking, the researchers explained.

These malicious Google Chrome extensions have stolen data from over 170 sites - find out if you're affected

More malicious browser extensions uncovered - Chrome, Firefox, and Edge all affected

4.3 million have installed this malicious browser extension on Chrome and ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE

Share:

More related news