A malicious extension for chrome that steals login data from Facebook page. Currently facebook has an encryption system in its requests, so this extension takes the password already encrypted to avoid malicious use.
I have nothing to do with malicious use of code contained in this repository. Everything here was done for study purposes only and to prove that you shouldn't use unknown extensions. Therefore, the misuse of this code is solely the fault of the malicious user.
After running the php script and saving the credentials in a text file, the victim will be redirected back to the official page (facebook) with a parameter GET active=true, so the extension will identify that the passwords have already been stolen and will leave the user log in normally on facebook, preventing unsuspecting users from noticing that something is wrong in their browser. It's extremely easy and simple to create malicious extensions for chrome and other browsers. With less than 10 lines of code it is now possible to steal user data from any website! So the bottom line is always to check if the extension you are using is really safe. Always check for feedback from other users and even check the extension code yourself. Malicious code as shown in this repository can easily be hidden among dozens of lines of code, so always be very careful.
Example of extension modifying action to malicious page. Note that the extension is not even on the bookmarks bar.
