The Extension That Spied on You: Inside ShadyPanda’s 7-Year Attack

from Cyberside Chats: Cybersecurity Insights from the Experts · host Chatcyberside

A massive 7-year espionage campaign hid in plain sight. Harmless Chrome and Edge extensions — wallpaper tools, tab managers, PDF converters — suddenly flipped into full surveillance implants, impacting more than 4.3 million users. In this episode, we break down how ShadyPanda built trust over years, then weaponized auto-updates to steal browsing history, authentication tokens, and even live session cookies. We’ll walk through the timeline, what data was stolen, why session hijacking makes this attack so dangerous, and the key steps security leaders must take now to prevent similar extension-based compromises. Key Takeaways Audit and restrict browser extensions across the organization. Inventory all extensions in use, remove unnecessary ones, and enforce an allowlist through enterprise browser controls. Treat extensions as part of your software supply chain. Extensions can flip from safe to malicious overnight. Include them in risk assessments and governance processes. Detect and mitigate session hijacking. Monitor for unusual token reuse, shorten token lifetimes where possible, and watch for logins that bypass MFA. Enforce enterprise browser security controls. Use Chrome/Edge enterprise features or MDM to lock down permissions, block unapproved installations, and enable safe browsing modes. Reduce extension sprawl with policy and training. Educate employees that extensions carry real security risk. Require justification for new installations and empower IT to remove unnecessary ones. Please tune in weekly for more cybersecurity advice, and visit www.LMGsecurity.com if you need help with your cybersecurity testing, advisory services, and training. Resources: KOI Intelligence (Original Research): https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign Malwarebytes Labs Coverage: https://www.malwarebytes.com/blog/news/2025/12/sleeper-browser-extensions-woke-up-as-spyware-on-4-million-devices Infosecurity Magazine Article: https://www.infosecurity-magazine.com/news/shadypanda-infects-43m-chrome-edge/ #ShadyPanda #browserextension #browsersecurity #cybersecurity #cyberaware #infosec #cyberattacks #ciso

NOW PLAYING

0:00 20:58

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

MG Show MG Show The MG Show, hosted by Jeffrey Pedersen and Shannon Townsend, is a leading alternative media platform dedicated to uncovering the truth behind today’s most pressing political issues. Launched in 2019, the show has grown exponentially, offering unfiltered insights, comprehensive research, and real-time analysis. With a commitment to independent journalism and factual integrity, the MG Show empowers its audience with knowledge and encourages active participation in the political discourse. The Game Radio Popolare Soldi, lavoro, avidità, disoccupazioni: il grande gioco dell’economia smontato ogni giorno da Raffaele Liguori. Photo Breakdown Scott Wyden Kivowitz Photo Breakdown is a podcast in which we explore the world of photography with a trusted guide, host Scott Wyden Kivowitz. His expertise and passion bring the industry to life as we explore the stories, trends, and ideas shaping it today. Join us as we dissect everything from incredible photographs and creative techniques to the latest gear releases and hot topics in the photography community.In each episode, we break down what’s happening behind the scenes - whether it’s making a powerful image, a candid discussion on industry trends, or a reflection on the tools and technology changing how we make photographs. You’ll get insights, expert opinions, and a fresh perspective on what’s top of mind for photographers right now.Anticipate short, engaging episodes brimming with ideas and inspiration. Be part of the conversation by sharing your thoughts, voice notes, and comments. Your participation is what makes our community vibrant and dynamic.It’s more than just photography - everyth The Last Outlaws Impact Studios at UTS In a History Lab season like no other, we're pulling on the threads of one of Australia's great misunderstood histories, moving beyond the myths to learn what the Aboriginal brothers Jimmy and Joe Governor faced in both life and death.Australia's budding Federation is the background setting to this remarkable story, that sees the Governor brothers tied to the inauguration of a 'new' nation and Australia's dark history of frontier violence, racial injustice and the global trade and defilement of Aboriginal ancestral remains. This Impact Studios production is a collaboration with the Governor family, UTS Faculty of Law and Jumbunna Institute for Indigenous Education and Research.The Last Outlaws teamKatherine Biber - UTS Law Professor and Chief InvestigatorAunty Loretta Parsley - Great-granddaughter of Jimmy Governor and the Governor Family Historian Leroy Parsons - Governor descendant, Narrator and Co-WriterKaitlyn Sawrey - Host, Writer and Senior ProducerFrank Lopez - Writer,

URL copied to clipboard!

Share this episode

Similar Episodes

Similar Podcasts

Age Verification