[ad_1]
Are malicious extensions in the news again? No way! Well, yes, unfortunately, but you are probably not at all surprised and certainly not at all happy. In February, Google removed more than 500 malicious extensions from the Chrome Web Store, which injected ads into millions of Chrome browsing sessions. In June, Awake Security reported another 100 out of 15,160 domains. Now, according to Avast after being found by CZ.NIC, there are 15 more that users should uninstall right now!
Based on their recent findings, a total of 28 extensions (15 in Chrome and 13 in Edge) that are primarily geared toward Facebook and Instagram use cases. Rather, redirect users’ traffic to ads and phishing sites and collect their personal data such as date of birth, email address, and active devices. Not only that, but they also collect browsing data and they have the option to download malware directly to a user’s device (but Chromebooks can’t get malware)!
Avast researchers said they believe extension developers led the campaign to divert user traffic for monetary gain stating that “for every redirect to a third-party domain, cybercriminals would receive a payment.”
“Our assumption is that either the extensions were purposefully created with the malware embedded, or the author waited for the extensions to become popular and then pushed an update containing the malware,” says Jan Rubin, researcher at Avast. “It could also be that the author sold the original extensions to someone else after creating them, and then his client introduced the malware afterwards.”
Avast Blog
Apparently, the Avast Threat Intelligence team started monitoring this threat in November, but they think it could have been active for years, as evidenced by some of the reviews of the sets. The craziest part is that most of these extensions can still be downloaded and since Avast informed Google about the problem, only a few of them were removed from the web store, although it is said that they are currently studying each of them.
It does not go well. Extensions have long been the weakest link in the Chrome browser armor – it’s just a real security vulnerability. To be fair, it’s hard, if not nearly impossible, to control the experience where there is so much third-party input and influence, and the Chrome Web Store is essentially like the wild west. However, Google is doing a ton of work to change that, including creating some sort of ‘seal of approval’ for extensions that help alleviate privacy concerns, which will roll out early next year. and even giving you direct control over what data an extension has access to and on which websites.
There is no doubt that these issues can linger long after the New Year, and there is certainly a lot of work to be done, so we’ll have to see what other creative solutions Google can come up with to get around extensions by submitting them. I would vote that we just get rid of it to fix the problem, but a lot of extensions like Honey, Toby, Stadia Enhanced, Cog, uBlock Origin and many more are really good for Chrome users and deserve to exist. This means that instead, Google will have to take a more careful approach to the situation and separate the sheep from the goats, so to speak, and that will take time.
Let me tell you here and now that if any of the following extensions are installed on your computer, remove them now! Do not install any of the extensions below – we only link them so that you can verify their full identity. You can view your extensions by typing chrome://extensions in your URL bar or Omnibox above.
[ad_2]
Source link