Avast discovered 32 malicious extensions on the Chrome Web Store
A well-known antivirus software company — Avast, previously found 32 malicious extensions on the Chrome Web Store. The functions of these plug-ins will be disguised as ad blockers, downloaders, browser themes, recorders, and other skin-innocuous forms, which will reduce the intelligence of users.
These 32 plug-ins have all been removed from the Chrome App Store. In addition, Avast also announced 7 problematic extension plug-ins, including Autoskip for Youtube, Brisk VPN, Crystal Ad block, Clipboard Helper, Maxi Refresher, PDF Toolbox extension, and Soundboost.
Attack Method
These malicious extensions pretend to be tools to help users download content from social media platforms such as Facebook and Instagram or streaming platform websites such as Vimeo and Spotify, but the malicious code in them allows malicious programs to be downloaded to steal sensitive user data, redirect to ads and Phishing site.
When a user clicks on a URL, these extensions send information to the attacker’s server, which sends an instruction to redirect the victim from the real link target to a hijacked URL, and then redirects them to the URL they want. Visiting the website, the user’s privacy will be stolen. The attackers also collect sensitive data such as the user’s date of birth, email address, device information, login time, and even IP address.
Attack Consequences
Avast began monitoring this threat in November 2020, but it believes that these malicious extensions have been active for years without anyone noticing. As can be seen from user reviews in the Chrome Web Store, the hijacking was discovered by users as early as 2018.
If you accidentally download these malicious plug-ins, it may cause users to send malicious emails, pay links, change search details, etc., thereby stealing users’ personal information. These plugins have been downloaded a total of 75 million times and are estimated to have affected millions of users.
How to Avoid
Although Chrome itself is very safe, malicious programs in plug-ins are hard to detect. They also have very good “self-hiding” capabilities, so it is difficult for ordinary users to find out. Sinokap recommends that you install programs from the Chrome Extension Center, and pay attention to the permissions required by the extension to run, read reviews, and be wary of extensions that request excessive permissions or seem to have irrelevant functions.
IT Security Training
The purpose of cyber attacks such as phishing and ransomware viruses is to obtain user personal information or company data, and ultimately extort money. Sinokap uses malicious extensions to remind everyone that in daily work when searching for information on the Internet, you must be vigilant, use a regular browser, and not click or download unknown links and software at will. we sort out some IT security training videos and articles. At the same time, Sinokap can also provide online and on-site IT security awareness training for enterprises. We are here to help. Thanks for contacting us!
2. Ransomware
Table of Contents
What We Provide
Managed IT Service
How can we help you?
Call Us, Write Us, Or Knock On Our Door. We are here to help. Thanks for contacting us!
