Privacy News Copyfish Compromised by Phishing Attack


Community Manager
Thread author
Staff Member
Aug 30, 2012
According to the authors of the image text extraction extension, they were hit with a phishing attack on July 28 and the perpetrator posing as Chrome Web Store team member then proceeded to update the extension on July 29 after gaining access to their account.

"So far, the update looks like standard adware hack, but, as we still have no control over Copyfish, the thieves might update the extension another time… until we get it back," the developers warned. "We can not even disable it—as it is no longer in our developer account."

It was a classic attack offering an authentic Google login screen and directed them to "Click here to read more details," that opened a "Google" password dialogue box which was instead a link. According to The Hacker News, the actual CopyFish team member was viewing the link in HTML form, so he did not find it immediately suspicious and entered the password for their developer account. Game over at that point. The attacker was now in control of the account and updated it to version 2.8.5 which is now pushing out spam and other malicious content to users.

The author, a9t9 Software GmbH is recommending that you disable or remove the extension if you have it and obviously do not update to the hacked version of 2.8.5 since they are not in control of it and are working with Google to regain access and rectify the situation.

MajorGeeks does list this extension but since becoming aware of the attack have removed it until the situation is reported to be all clear.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.