Malicous Chrome Extensions Stealing Roblox In-Game Currency [source: trendmicro]

by CIRT Team

Recently, we discussed how cyber criminals are using the popular voice/chat client Discord to steal cookies from the running Roblox process on a Windows PC. Since then, we’ve noticed another attack going after the same information, only this time it is via Chrome extensions (CRX files).

While currently it is targeting only Roblox users, the same technique can be used to steal cookies from any website. The stolen information is sent via Discord, but this also could be configured to use other chat platforms. We learned this particular Chrome extension was, in fact, for sale on the Dream Market underground marketplace for only 99 cents.

For more detail, click here.

CIRT Team

Recommended Posts

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping

সাইবার-নিরাপত্তা-সূচকে-এগিয়েছে-বাংলাদেশ

30 Jun 2021 - CIRT In Media, News Clipping

Lazarus supply‑chain attack in South Korea [welivesecurity]

22 Nov 2020 - CIRT In Media, News Clipping