Keep your browser extensions updated!

It is important to keep all software you use up to date. There are updates for a reason – most likely some of the code used was found to be vulnerable to attacks.

This past week, a popular extension was hijacked. The developer of the Web Developer for Chrome extension had his own account hijacked. The hijackers phished his Google account, then modified the code in his account and pushed it out to users. The version of Web Developer for Chrome that was pushed out is 0.4.9. You need to make sure you have the updated version 0.5 installed NOW!

The version the hijackers uploaded can force ads on pages, capture passwords, or other unreported problems. Consider changing passwords to pages visited during the time of the compromise. The date was August 2. The developer himself admits he fell for a phishing attack that started this. This effected over one million users.

The developer details the events in his blog. The bottom line is anyone can click on a bad link and it is important to have two-factor verification in place.