Privacy and Prizes: Rewards from a Malicious Browser Extension
released on 2025-10-21 @ 04:05:43 PM
A unique phishing campaign has been identified that urges users to install a Chrome extension delivered as an attached file. The threat actor entices victims with the promise of a $50,000 prize and privacy protection. The malicious extension, disguised as a MAC spoofer, actually captures users' credentials when they log in to various services. The campaign uses social engineering techniques and a seemingly legitimate domain to appear trustworthy. The extension is installed manually, bypassing the Chrome Web Store. Analysis of the extension's files revealed its true purpose: sending the captured information to the attacker's server. This case highlights the importance of human analysis in detecting threats that bypass automated security solutions.
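A defender-side check for the manual-install step described above, added here as an example and not taken from the original report: it reads a parsed Chrome `Preferences` or `Secure Preferences` file and lists extensions loaded outside the Web Store, noting which ones can access every site. The field names and location codes follow Chromium's preferences layout as an assumption, and the sample data is constructed.

```python
import json

# Assumption: Chromium Manifest::Location codes for loads outside the Web Store.
SIDELOADED = {4: "unpacked (developer mode)", 8: "command line"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def load_prefs(path):
    """Parse a profile's Preferences or Secure Preferences file (JSON)."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def audit_extensions(prefs):
    """List manually loaded extensions found in a parsed preferences dict."""
    findings = []
    settings = prefs.get("extensions", {}).get("settings", {})
    for ext_id, entry in sorted(settings.items()):
        location = entry.get("location")
        if location not in SIDELOADED:
            continue  # Web Store, policy and component installs are out of scope
        hosts = set()
        for key in ("active_permissions", "granted_permissions"):
            perms = entry.get(key) or {}
            hosts.update(perms.get("explicit_host", []))
            hosts.update(perms.get("scriptable_host", []))
        findings.append({
            "id": ext_id,
            "source": SIDELOADED[location],
            "path": entry.get("path", ""),
            # Access to every site is what lets an extension read login forms.
            "all_sites": bool(hosts & BROAD_HOSTS),
        })
    return findings


# Constructed sample data; ids and paths are placeholders, not campaign values.
SAMPLE_PREFS = {"extensions": {"settings": {
    "a" * 32: {"location": 1, "from_webstore": True, "path": "a/1.0_0",
               "active_permissions": {"explicit_host": ["https://example.com/*"]}},
    "b" * 32: {"location": 4, "path": "/home/user/Downloads/extension-folder",
               "active_permissions": {"api": ["storage"],
                                      "scriptable_host": ["<all_urls>"]}},
}}}

if __name__ == "__main__":
    for finding in audit_extensions(SAMPLE_PREFS):
        print(finding)
```

On a real endpoint, pass the result of `load_prefs()` for each Chrome profile directory instead of `SAMPLE_PREFS`.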