Post

Malicious Browser Extensions Impact 722 Users Across Latin America Since Early 2025

Cybersecurity researchers uncover a malicious browser extension campaign targeting users in Latin America. Learn about the threat and how to stay safe.

Posted
By Tom Grant
2 min read
Malicious Browser Extensions Impact 722 Users Across Latin America Since Early 2025

TL;DR

Cybersecurity researchers have uncovered a new campaign targeting Brazilian users with malicious browser extensions, affecting 722 users since early 2025. The campaign aims to steal user authentication data, with some phishing emails sent from compromised company servers to increase attack success.

Malicious Browser Extensions Target Latin American Users

Cybersecurity researchers have recently shed light on a concerning campaign that has been actively targeting Brazilian users since the beginning of 2025. This campaign involves infecting users with a malicious extension designed for Chromium-based web browsers, with the primary goal of siphoning user authentication data. The extent of this campaign is significant, with 722 users already affected across Latin America1.

Modus Operandi

The campaign employs sophisticated tactics to ensure a high success rate. One notable strategy is the use of phishing emails sent from the servers of compromised companies. This approach increases the likelihood of users falling for the attack, as the emails appear to come from trusted sources.

Impact and Consequences

The malicious browser extensions are designed to steal sensitive information, including:

  • Usernames and passwords
  • Authentication tokens
  • Other critical data that can be used for further unauthorized access

The stolen data can then be used to compromise additional accounts, leading to a wider range of cyber threats, including identity theft and financial fraud.

Expert Insights

Security researchers from Positive Technologies have highlighted the severity of this campaign. The use of compromised company servers to send phishing emails adds a layer of credibility to the attacks, making them more effective.

Protective Measures

To safeguard against such threats, users are advised to:

  • Be cautious of unsolicited emails, even if they appear to come from trusted sources.
  • Regularly update browser extensions and remove any that are not from verified developers.
  • Use strong, unique passwords for different accounts and enable two-factor authentication where possible.

Conclusion

The discovery of this malicious browser extension campaign underscores the importance of vigilance in cybersecurity. As attackers continue to evolve their tactics, users must stay informed and proactive in protecting their digital identities. For more details, visit the full article: source.

References

  1. “The Hacker News” (2025). “Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025”. The Hacker News. Retrieved 2025-06-08. ↩︎

Cybersecurity & Data Protection, Malware
cybersecurity malware browser extensions
This post is licensed under CC BY 4.0 by the author.