More than 1.4 million devices have been installed with a set of malicious Google Chrome extension More than 1. 4 million devices have been installed with a set of malicious Google Chrome extensions.
The company found no evidence of the extensions being used as a bridge into corporate networks, but attackers may have the ability to download and inject arbitrary JavaScript into any tab, says Jan Rubín, a malware researcher at Avast. This could be used to gather credentials and other sensitive corporate data from the websites visited by the victim, he says. We are preparing a technical blog post with more technical information and IoCs, but for now, we can share the . malicious domains.
The malicious extensions are the latest attempt by cybercriminals to hide code in add-ons for popular browsers. In February, independent researcher Jamila Kaya and Duo Security announced they had discovered more than 500 Chrome extensions that infected millions of users browsers to steal data. In June, Awake Security reported more than 70 extensions in the Google Chrome Web store were downloaded more than 32 million times and which collected browsing data and credentials for internal websit