Browser extensions, video downloaders found infected with viruses, if you have these in Chrome, uninstall now
Several browser extensions for Google Chrome and Microsoft Edge browser have found to be infected with malware that can steal your information.
advertisement
HIGHLIGHTS
Google Chrome and Microsoft Edge extensions can redirect users to phishing websites.
These phishing websites can steal user data and monetise traffic.
If you use Google Chrome or Microsoft Edge browsers, there are chances you have browser extensions installed to help you with some nifty things such as downloading a Facebook video or DM-ing someone on Instagram. These extensions, as many as 28, have now been identified as infected with malware that redirects users to unsafe websites and steals personal data such as email addresses, contact numbers, and even bank card information. Security firm Avast has noted in its report that around three million people may have been impacted by these malicious extensio
The company found no evidence of the extensions being used as a bridge into corporate networks, but attackers may have the ability to download and inject arbitrary JavaScript into any tab, says Jan Rubín, a malware researcher at Avast. This could be used to gather credentials and other sensitive corporate data from the websites visited by the victim, he says. We are preparing a technical blog post with more technical information and IoCs, but for now, we can share the . malicious domains.
The malicious extensions are the latest attempt by cybercriminals to hide code in add-ons for popular browsers. In February, independent researcher Jamila Kaya and Duo Security announced they had discovered more than 500 Chrome extensions that infected millions of users browsers to steal data. In June, Awake Security reported more than 70 extensions in the Google Chrome Web store were downloaded more than 32 million times and which collected browsing data and credentials for internal websit
Chrome and Edge extensions laced with malware have already been installed three million times
Malware hidden in at least 28 third-party GoogleChrome and Microsoft Edge extensions has been discovered by security researchers.
The malware has the functionality to redirect user’s traffic to ads or phishing sites and to steal people’s personal data, such as birth dates, email addresses, and active devices, according to a report released by cybersecurity firm Avast.
Researchers have said that up to three million users could be affected by the malware.
The malware in question masquerades as legitimate extensions that help download videos from Instagram, Facebook, Vimeo, and other social platforms. The researchers have identified malicious code in the JavaScript-based extensions that allow the plugins to download further malware onto a user’s PC.
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast
Share this item with your network: By Published: 17 Dec 2020 14:54
Users of social media platforms such as Instagram and Facebook, and other online services, have been warned to be on the alert to third-party Google Chrome and Microsoft Edge browser extensions that are in fact malware delivery mechanisms.
That is according to threat researchers at Avast, who say they have uncovered at least 28 of the dodgy extensions that have, to date, been downloaded about three million times.
Malware hidden in 28 Chrome, Edge extensions hits 30 lakh people daijiworld.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from daijiworld.com Daily Mail and Mail on Sunday newspapers.