Rilide browser extension steals MFA codes

Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals credentials and can grab multi-factor authentication (MFA) codes. The malicious extension Dubbed Rilide by Trustwave researchers, the extension mimics the legitimate Google Drive extension while, in the background, it disables the Content Security Policy (CSP), collects system information, exfiltrates browsing history, takes screenshots, and injects malicious scripts. It aims to allow attackers … More →

The post …

attackers authentication brave brave browser browser browser extension browsers browsing chrome chromium content security credentials cryptocurrency csp data theft don't miss drive edge extension factor google google chrome google drive grab help net security history information malicious mfa microsoft microsoft edge multi-factor multi-factor authentication opera policy researchers rilide screenshots scripts security security policy system targeting thieves trustwave