Zoom Stealer Campaign Targets 2.2 Million Users via Malicious Browser Extensions

The recently discovered Zoom Stealer campaign has targeted approximately 2.2 million users through 18 malicious browser extensions for Chrome, Firefox, and Microsoft Edge. These extensions were designed to steal sensitive information related to online meetings, including URLs, credentials, topics, descriptions, and embedded passwords. Although the extensions have been removed from official browser extension stores, users who have already installed them remain at risk. Technically, the extensions exploit legitimate browser functionalities to extract data without immediate detection. This campaign underscores the risks associated with browser extensions, even those available on official stores. The stolen information could be used for corporate espionage or phishing attacks, posing significant threats to organizational security. The impact on the cybersecurity landscape is substantial, highlighting the need for rigorous vetting of browser extensions before installation. Regular audits of installed extensions and the use of browser security solutions can mitigate risks. Organizations should educate their employees about the potential dangers of malicious extensions and encourage cautious behavior when installing new extensions. From an expert perspective, this campaign serves as a reminder of the evolving tactics used by cybercriminals to exploit trusted platforms. It is crucial for cybersecurity professionals to stay vigilant and implement robust security measures to protect against such threats.