#ParsedReport #CompletenessMedium
24-01-2025
Targeted supply chain attack against Chrome browser extensions
https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions
Report completeness: Medium
Actors/Campaigns:
Cyberhaven_breach
Threats:
Supply_chain_technique
Spear-phishing_technique
Seo_poisoning_technique
Victims:
Cyberhaven
TTPs:
Tactics: 9
Techniques: 15
IOCs:
Email: 2
Url: 6
Domain: 65
Coin: 2
File: 2
Hash: 2
IP: 20
Soft:
Chrome, ChatGPT, OpenAI, Nginx, REDIS, MySQL
Algorithms:
sha256, base64
Languages:
javascript
Links:
https://github.com/SEKOIA-IO/Community/blob/main/IOCs/compromised_chrome_extensions_dec24/compromised_chrome_extensions_iocs_20250122.csv
https://gist.github.com/qbourgue/b4690045862e6c21fb180dd6dcb6b6b3
have more…
https://gist.github.com/qbourgue/4e42ac21ed5898fd75221a2f1164a107
