Malware in Google Chrome and Edge extensions affects millions

0
2431
malware

Up to 3 million users may have been affected by the latest strain of malware (malicious software) found in various extensions for Google Chrome and Microsoft Edge. The warning was given yesterday (16) by Avast researchers.

The real risk of these 28 extensions infected with malware lies in the fact that they steal personal information from users, in addition to referring them to websites of phishing, or bulk advertising.

Malware hidden in Google Chrome and Edge extensions

malware

In several popular extensions for both browsers or browsers there was a latent danger. Although they promise to download Stories or images from Instagram, Facebook and other social networks, their purpose was different and nefarious.

The following is a list of extensions where Avast researchers found malicious code in JavaScript-based extensions, something that allowed them to access infected computers.

The list of extensions infected with malware:

  • Direct Message for Instagram
  • Direct Message for Instagram
  • DM for Instagram
  • Invisible mode for Instagram Direct Message
  • Downloader for Instagram
  • Instagram Download Video & Image
  • App Phone for Instagram
  • App Phone for Instagram
  • Stories for Instagram
  • Universal Video Downloader
  • Universal Video Downloader
  • Video Downloader for FaceBook
  • Video Downloader for FaceBook
  • Vimeo Video Downloader
  • Vimeo Video Downloader
  • Volume Controller
  • Zoomer for Instagram and FaceBook
  • VK UnBlock. Works fast.
  • Odnoklassniki UnBlock. Works quickly.
  • Upload photo to Instagram
  • Spotify Music Downloader
  • Stories for Instagram
  • Upload photo to Instagram
  • Pretty Kitty, The Cat Pet
  • Video Downloader for YouTube
  • SoundCloud Music Downloader
  • The New York Times News
  • Instagram App with Direct Message DM

Extensions that manipulate the Internet browsing experience

Furthermore, according to Avast researchers, extensions ended up shaping Internet browsing by forcing the user to access certain websites. In the press release of the cybersecurity group the following can be read:

“Users point out that these extensions manipulate the experience of using the Internet, forwarding them to other websites. Whenever the user clicked on a link, the extensions sent information about that action to the attackers’ control server, which, in turn, could send a command to redirect the victim from the actual landing page to a malicious website. ” advances the publication.

“Not only was the user’s privacy compromised, with the record of clicks being kept by the attackers, but it was also possible to extract personal information such as birthdays, email addresses and information from the computer / device.”, Add Avast researchers .

Malware is a common threat …

When surfing the Internet, there is always some risk of facing similar threats. We recommend that you only install applications and extensions from reliable sources, and it is advisable to study the reviews of other users.

Likewise, it is possible to use a Virtual Private Network to shield our data. Among the solutions on the market we recommend ExpressVPN, the best offer in this segment with high speeds and a high level of security.

EBox editors recommend: