Dec 27 - Hackers have compromised several different

companies' Chrome browser extensions in a series of intrusions

dating back to mid-December, according to one of the victims and

experts who have examined the campaign.

Among the victims was the California-based Cyberhaven, a

data protection company that confirmed the breach in a statement

to Reuters on Friday.

"Cyberhaven can confirm that a malicious cyberattack

occurred on Christmas Eve, affecting our Chrome extension," the

statement said. It cited public comments from cybersecurity

experts. These comments, said Cyberhaven, suggested that the

attack was "part of a wider campaign to target Chrome extension

developers across a wide range of companies."

Cyberhaven added: "We are actively cooperating with federal

law enforcement."

The geographical extent of the hacks was not immediately

clear.

Browser extensions are typically used by internet users to

customize their Web-browsing experiences, for example by

automatically applying coupons to shopping websites. In

Cyberhaven's case, the Chrome extension was used to help the

company monitor and secure client data flowing across Web-based

applications.

Jaime Blasco, cofounder of Austin, Texas-based Nudge

Security, said he had spotted several other Chrome extensions

that had been subverted in the same way as Cyberhaven's. At

least one appeared to have been hit in mid-December.

Blasco said the other affected extensions included ones

related to artificial intelligence and virtual private networks.

He said that suggested an opportunistic effort to vacuum up

sensitive data using as many compromised extensions as possible.

"I'm almost certain this is not targeted to Cyberhaven,"

Blasco said. "If I had to guess, this was just random."

The U.S. cyber watchdog CISA referred questions to the

companies involved. A message seeking comment from Alphabet

, which makes the Chrome browser, was not immediately

returned.