Chrome Extensions Caught Stealing Meta Business Data and 2FA Codes: How to Stay Safe
Tech News

Chrome Extensions Caught Stealing Meta Business Data and 2FA Codes: How to Stay Safe

Jesús García
5 min read
46 Views
Share:

Cybersecurity researchers have discovered malicious Google Chrome extensions designed to steal sensitive data from Meta Business Suite, Facebook Business Manager, emails, and browsing history. If you manage business accounts on Facebook or Instagram, you need to read this.

What this malicious extension does

The extension identified as "CL Suite by @CLMasters" was listed on the Chrome Web Store as a legitimate tool for managing Meta Business Suite. But in reality, it steals:

  • TOTP codes (2FA): Two-factor authentication seeds from Facebook and Meta Business, allowing complete bypass of 2FA protection
  • Contact lists: Names, emails, roles, permissions, and access statuses from Business Manager
  • Analytics data: Ad campaign performance information
  • Browsing history: Your entire history of visited websites

Why this is so dangerous

The most critical issue is the TOTP seed theft. When an attacker has your 2FA seed, they can generate the same verification codes as you. This means that even if you have two-factor authentication enabled, your account is no longer protected.

With credentials obtained from data breaches or infostealers, plus stolen 2FA codes, an attacker can take full control of your Facebook Business account in minutes.

How to check if you're affected

Check your Chrome extensions immediately:

  1. Open Chrome and go to chrome://extensions/
  2. Look for extensions you don't recognize or that claim to manage Meta Business Suite
  3. Specifically search for "CL Suite" or similar extensions
  4. If you find anything suspicious, remove it immediately

How to protect yourself

Follow these steps right now:

  • Audit your extensions: Remove all extensions you don't actively use or don't recognize
  • Change your passwords: If you had suspicious extensions, change your Facebook, Meta Business, and any linked account passwords
  • Reset your 2FA: Disable and re-enable two-factor authentication to generate new seeds
  • Review access: In Meta Business Suite, go to Settings > People and check for unknown users
  • Only install verified extensions: Before installing any extension, verify the developer, read reviews, and check the permissions it requests

The important lesson

Browser extensions have deep access to everything you do online. A malicious extension can read your passwords, intercept forms, and access your session cookies. The rule is simple: fewer extensions = more security.

Never install extensions that promise extra functionality for social media or business platforms. If Meta Business Suite needed an extension, Meta would publish it themselves.

Tags: Cybersecurity google-chrome meta-business facebook phishing
J
Written by
Jesús García

Apasionado por la tecnologia y las finanzas personales. Escribo sobre innovacion, inteligencia artificial, inversiones y estrategias para mejorar tu economia. Mi objetivo es hacer que temas complejos sean accesibles para todos.

twitter linkedin
Share post:

Related posts

Comments

Leave a comment

Recommended Tools

The ones we use in our projects

1

Hostinger

Hosting

Hosting y dominios desde $2.99/mes

View deal

Affiliate links. No extra cost to you.

Need technology services?

We offer comprehensive web development, mobile apps, consulting, and more.

Web Development Mobile Apps Consulting
Services Contact