Submission + - Chrome Extension Developers Under a Barrage of Phishing Attacks (bleepingcomputer.com)
The phishers used access to these developer accounts to insert adware code inside the extensions and push out a malicious update that overlaid ads on top of web pages users were navigating. Initially, this looked like a passing problem, but new evidence reveals these attacks have been going on for the past 2 months, since mid-June. Last week, after the hijacking of the Web Developer Chrome extension, Google's security team sent warnings via email to all Chrome extension developers to be on the lookout for this new tactic.