Атаки на dYdX и злонамеренные ИИ-расширения для Chrome: Угрозы кибербезопасности недели Attacks on dYdX and Malicious AI Extensions for Chrome: Cybersecurity Threats of the Week

We have compiled the most significant cybersecurity news from the past week.

Cybercriminals compromised the accounts of developers at the decentralized cryptocurrency exchange dYdX and injected malware into official software packages (npm and PyPI). The breach was discovered by Socket specialists.

npm and PyPI packages are utilized by programmers to interact with the exchange protocols, including wallet creation and transaction processing. Given that billions of dollars flow through dYdX, the threat magnitude was extremely high.

The attackers targeted cryptocurrency wallet seed phrases. Once a developer interacted with the compromised library, the malware copied access keys and transmitted them to the hackers’ server. The criminals employed website addresses that were visually nearly identical to the exchange’s official domains.

For Python-version developers, the situation was even graver: a remote access trojan was installed in their systems. The malware activated in the background every 10 seconds, enabling hackers to execute any code on the victim’s computer. This provided the opportunity to steal not only cryptocurrency but also passwords, personal files, and monitor the user’s activities.

Socket experts noted that the hackers exhibited an understanding of the internal system structure. They concealed malicious code deep within legitimate files that executed automatically.

After experts issued warnings, the exchange acknowledged the breach and urged anyone who downloaded updates in January 2026 to immediately isolate their computers and transfer funds to new secure wallets.

North Korean hackers are conducting personalized campaigns using AI-generated videos to deliver malware to cryptocurrency users. This was reported by Mandiant’s experts.

The criminals’ objective is financial gain, as indicated by the toolkit used in the attack against an unnamed fintech company. According to Mandiant, researchers identified seven different families of macOS malware and attributed them to the UNC1069 group, which has been under surveillance since 2018.

The victim was contacted via Telegram from a hacked account of a cryptocurrency company executive. After establishing trust, the hackers sent a link to Calendly, which redirected the victim to a fake Zoom conference page hosted on the attackers’ infrastructure.

According to the victim, the hackers displayed a deepfake video of the cryptocurrency company’s CEO. During the video call, the perpetrator simulated sound issues, instructing the victim on how to «fix the errors» by executing commands that initiated the infection chain for Windows and macOS.

The hackers then sequentially deployed seven different families of malware:

Mandiant noted that the SILENCELIFT, DEEPBREATH, and CHROMEPUSH families represent an entirely new toolkit from the group. Researchers described the volume of malware deployed on a single host against a single individual as «unusual.»

This confirms that the attack was highly specialized, aimed at gathering maximum data for two purposes: stealing cryptocurrency and preparing for future campaigns by stealing the victim’s identity and contacts.

Thirty malicious AI extensions for Chrome were installed by over 260,000 users. Researchers from the browser security platform LayerX reported this.

The identified campaign disguised itself as AI assistants to steal credentials, email content, and browsing information.

It was determined that all analyzed extensions belong to the same fraudulent network, as they link to infrastructure on a single domain.

Researchers found that the most popular extension in the campaign was Gemini AI Sidebar (80,000 users), which has already been removed from the store. However, BleepingComputer discovered that other extensions with thousands of installations still remain in the Google repository:

All 30 extensions share the same internal structure, JavaScript logic, and requested permissions. They do not contain AI functionalities within the code. Instead, they load content from a remote domain.

What is especially concerning is that developers can change the extension’s behavior at any time from the server side without releasing an update. This approach allows them to bypass re-checks by Google moderators.

In the background, the extensions extract content from visited pages, including sensitive login pages:

BleepingComputer reached out to Google for comments, but the corporation had not responded by the time of publication. Experts recommended checking the LayerX breach indicator list, immediately deleting the extension, and changing passwords.

Two Connecticut residents have been charged with fraud involving gambling platforms and stolen personal data. The U.S. Department of Justice reported this.

According to the indictment, from April 2021 to 2026, the accomplices stole $3 million using stolen personal data from approximately 3,000 victims.

The scammers operated according to the following algorithm:

«I was just browsing through the Social Security numbers and using reverse lookup by phone number in the Scam Shield app,» the defendant Amit Kapoorth wrote in a text message to his accomplice Siddhart Lillani.

When matches were found, the perpetrator created an account. In some cases, additional verification from BeenVerified was unnecessary.

The aim of the scheme was to obtain promotional bonuses offered by bookmakers for the first deposit or bet. If such a bet won, the defendants transferred the funds to prepaid virtual cards and then to their personal accounts.

Microsoft patched a critical vulnerability in Notepad for Windows 11 that allowed hackers to execute local or remote programs. All they needed to do was trick a user into clicking on a specially crafted Markdown link, reports BleepingComputer.

With the release of Windows 11, Microsoft decided to phase out WordPad and upgrade Notepad. It was rewritten from scratch, adding Markdown support. This allowed users to format text and insert clickable links directly into text files (.md).

According to media reports, the problem lay in the improper handling of special elements in commands. A hacker could create a Markdown file with malicious links utilizing protocols like file:// (path to an executable) or ms-appinstaller:// (application installation).

After opening it in earlier versions of Notepad (including 11.2510) in Markdown mode, the text displayed as a link. After clicking it with Ctrl+click, the software would automatically launch the specified file or protocol. The primary danger was that code executed in the user’s secure environment with the same access rights, and Windows did not issue the standard warning about running a potentially dangerous file.

Security researchers found it was possible to create links to files located on remote network resources. After the patch was released, attempting to click any other link in Notepad displayed a warning dialog.