Cybersecurity firm ElevenPaths has found a Google Chrome extension that steals payment card information. The extension is still available on the Chrome Web Store and has been active since February 2018. It can only be accessed through a link that the attackers are spreading by means of JavaScript injection attacks on websites that make them to be redirected to that extension using that link. This extension is hidden within the searches performed on the Web Store, and it can be accessed only by those who know the link. The attackers are using a JavaScript that can detect if the browser is a Chrome one and then they are redirected to the extension.”]
Source: https://hackercombat.com/chrome-extension-that-steals-credit-card-data-detected/

