top | item 45519844

(no title)

gnyman | 4 months ago

Even if none of these extensions were malicious, they might have some vulnerability that would allow and attacker to get your cookie? Or the developers of those might have unknowingly been phished like what happened last December.

Sorry for just offering speculation, hopefully you figure it out. Even if it was "only" a Reddit account, the feeling of not knowing how it happened and if other things are at risk must be horrible.

https://crxplorer.com/ might help you to inspect your extensions a bit deeper if you are interested and have the knowledge.

And finally, just a comment, passkeys/webauthn/fido keys would not protect against a session cookie theft. They only prevent the login stage from being phished.

discuss

guilamu|4 months ago

I've just had my Amazon account hacked with an order of a gift card. I saw it immediately so I was able to request a refund, change passwords, add 2fa, remove any payment info.

This is probably linked, I still don't understand how this is possible...

guilamu|4 months ago

Thanks again for your input! I'll look into crxplorer.