AdsPower reveals hacking incident, fixes vulnerability and alerts

Odaily Planet Daily News: The AdsPower security team transparently disclosed an intrusion incident on January 24th, in which hackers spread malicious code and tampered with some third-party encrypted wallet plugins in the AdsPower fingerprint browser. AdsPower has fixed vulnerabilities and strengthened system security, while reporting to Singapore authorities and actively cooperating with police investigations. According to official disclosure, from January 21st to 22nd, a small number of users reported that they were unable to install or update the MetaMask plugin. On January 23rd, the technical team discovered that the plugin download link was abnormal and replaced it with the official download address. On January 24th, AdsPower detected that the plugin had been tampered with, and subsequently deleted the malicious plugin package, fixed the download link, and requested affected users to reinstall the plugin to ensure security. Internal investigations have shown that attackers exploited vulnerabilities in third-party technology service systems to upload and spread malicious versions of the MetaMask plugin, which could potentially result in the leakage of cached information in user wallet plugins. At present, AdsPower has upgraded its application center plugin download mode and will further strengthen network security, emergency response, and supply chain security management in the future. Affected users can receive exclusive value-added service plans on the AdsPower client.