Over three million internet users have reportedly been found out to have installed about 15 Chrome as well as 13 Edge extensions that supposedly all include malicious code according to the security firm known as Avast. The total 28 extensions could possibly contain code capable of performing a few malicious operations, an article by ZDNet showed.
What did the malicious code do?
Redirect the user traffic towards ads
Redirect the user traffic towards phishing sites
Collect certain personal data like birth dates, email ads, and even active devices
Collect users' browsing history
Download even more malware onto the users' devices
Avast researchers then stated that they believe that the main objective of the particular campaign is to hijack the user traffic for certain monetary gains. The company then stated that for every single redirection towards a third party domain, these cybercriminals would be able to receive payment.
What is a malicious extension?
Avast then stated that it had discovered the noted extensions some time just last month and have found reasonable evidence that a number of them had actually been active ever since back December of 2018. This was when some users were first reporting issues with being direct towards other sites.
According to Jan Rubin, the Malware Researcher over at Avast, they could not identify if the said extentions had in fact been created along with malicious code from the very start when it was added via a certain update when the extensions started to become popular. A number of these extensions even reportedly got tens of thousands of installs which reportedly helped users download multimedia content coming from Facevbook, Vimeo, Instagram, and even Spotify.
Here are the 15 Chrome extensions said to be malicious:
Here are 13 edge extensions said to be malicious:
Read Also: Facebook Launches Ads Attacking Apple While Claiming They 'Stand for Small Businesses'
Are Chrome extensions bad?
Although there has not yet been an official announcement from Google or Microsoft as to what to do should this happen to users, Avast recommends that users immediately uninstall and also remove these extensions from users' browsers.
Although some of these extensions might be quite useful, Avast recommends that users be cautious since the harmfulness of these extensions is still unknown. Google and Microsoft has still to address these matters.
Related Article: Facebook Sued by Australia for Alleged 'Misleading' VPN App
This article is owned by Tech Times
Written by Urian Buenconsejo