Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Don’t fall for it: Hackers use Facebook ads to target you

Bitdefender Labs has closely followed these campaigns, revealing that the latest operation was launched on November 3, 2024

byKerem Gülen
November 20, 2024
in News, Cybersecurity

Throughout 2024, a disturbing trend has emerged as hackers exploit Facebook ads to distribute fake Chrome extensions masquerading as legitimate password managers like Bitwarden. This sophisticated malvertising campaign preys on users’ fears of cyber threats and deceives them into downloading malicious software.

Hackers exploit Facebook ads to distribute fake Chrome extensions

Bitdefender Labs has closely followed these campaigns, revealing that the latest operation was launched on November 3, 2024. Targeting users aged 18 to 65 across Europe, the attackers create a sense of urgency by claiming that users must install a critical security update. By impersonating a trusted brand, they effectively leverage Facebook’s advertising platform to gain users’ trust.

The deceptive process begins when users encounter a Facebook ad that warns them their passwords are at risk. Clicking the ad directs them to a fraudulent webpage designed to mimic the official Chrome Web Store. However, instead of a safe download, users are redirected to a Google Drive link hosting a ZIP file containing the harmful extension. To install it, users must follow a detailed process that involves enabling Developer Mode on their browser and sideloading the extension, a method that circumvents standard security protocols.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

How the fake Bitwarden extension operates

Once the malicious extension is installed, it requests extensive permissions allowing it to intercept and manipulate user activity online. As outlined in the extension’s manifest file, it operates across all websites and can access storage, cookies, and network requests. This provides hackers full access to sensitive information. For instance, the permissions include:

  • contextMenus
  • storage
  • cookies
  • tabs
  • declarativeNetRequest
Don’t fall for it- Hackers use Facebook ads to target you_03
Once the malicious extension is installed, it requests extensive permissions allowing it to intercept and manipulate user activity online (Image credit)

The extension’s background script initiates a series of harmful activities as soon as it is installed. It routinely checks for Facebook cookies and retrieves vital user data, including personal identifiers and payment information associated with Facebook ad accounts. The sensitivity of the stolen data can lead to severe repercussions, including identity theft and unauthorized access to financial accounts.


Hack Microsoft win $4 million with Zero Day Quest


The use of legitimate platforms like Facebook and Google Drive obscures the malware’s true nature. Security experts recommend several strategies to mitigate risks associated with this threat:

  • Verify extension updates through official browser stores rather than clicking on ads.
  • Exercise caution with sponsored ads, especially those that prompt immediate updates for security tools.
  • Review extension permissions critically before installation.
  • Utilize security features, such as disabling Developer Mode when not in use.
  • Promptly report suspicious ads to social media platforms.
  • Implement a reliable security solution that detects and blocks phishing attempts and unauthorized extensions.
Don’t fall for it: Hackers use Facebook ads to target you
Scamio interface (Image credit)

Bitdefender offers a tool called Scamio, which helps users identify malicious content online. It assesses links, messages, and other digital interactions to highlight potential scams, giving users an extra layer of defense.


Featured image credit: Soumil Kumar/Unsplash

Tags: BitdefenderchromeFacebookhack

Related Posts

ChatGPT reportedly reduces reliance on Reddit as a data source

ChatGPT reportedly reduces reliance on Reddit as a data source

October 3, 2025
Perplexity makes Comet AI browser free, launches background assistant and Chess.com partnership

Perplexity makes Comet AI browser free, launches background assistant and Chess.com partnership

October 3, 2025
Light-powered chip makes AI computation 100 times more efficient

Light-powered chip makes AI computation 100 times more efficient

October 3, 2025
Free and effective anti-robocall tools are now available

Free and effective anti-robocall tools are now available

October 3, 2025
Choosing the right Web3 server: OVHcloud options for startups to enterprises

Choosing the right Web3 server: OVHcloud options for startups to enterprises

October 3, 2025
Z.AI GLM-4.6 boosts context window to 200K tokens

Z.AI GLM-4.6 boosts context window to 200K tokens

October 2, 2025

LATEST NEWS

ChatGPT reportedly reduces reliance on Reddit as a data source

Perplexity makes Comet AI browser free, launches background assistant and Chess.com partnership

Light-powered chip makes AI computation 100 times more efficient

Free and effective anti-robocall tools are now available

Choosing the right Web3 server: OVHcloud options for startups to enterprises

Z.AI GLM-4.6 boosts context window to 200K tokens

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.