AdsPower Addresses Security Breach Involving Malicious Wallet Plugins

According to Odaily, AdsPower's security team disclosed a security breach on January 24, where hackers infiltrated the system by spreading malicious code, altering some third-party cryptocurrency wallet plugins within the AdsPower fingerprint browser. The company has since patched the vulnerability, enhanced system security, and reported the incident to Singaporean authorities, actively cooperating with the police investigation. The breach was initially noticed between January 21 and 22, when a few users reported issues with installing or updating the MetaMask plugin. On January 23, the technical team identified anomalies in the plugin download link and replaced it with the official download address. By January 24, AdsPower detected the plugin tampering, removed the malicious plugin package, fixed the download link, and instructed affected users to reinstall the plugin to ensure security. An internal investigation revealed that attackers exploited a vulnerability in a third-party technical service system to upload and distribute a malicious version of the MetaMask plugin, potentially compromising users' wallet plugin cache information. AdsPower has since upgraded the application center's plugin download mode and plans to further strengthen cybersecurity, emergency response, and supply chain security management. Affected users can receive an exclusive value-added service package through the AdsPower client.