Google’s Chrome web browser Extensions are under attack with a series of developers being hacked within last one month. Unknown attackers gained access to developers’ Google web accounts by sending out phishing emails with malicious links to steal account credentials. Chrome extensions TouchVPN and Betternet VPN were also compromised in the same way at the end of June. At this time, it is unclear who is behind the hijackings of Chrome Web extensions. The best way to protect yourself from such attacks is to be suspicious of uninvited documents sent over a phishing email and never click on links inside those documents unless verifying the source.
Source: https://thehackernews.com/2017/08/chrome-extension-hacking.html