In this digital epoch, browser extensions continue to infect users with malware as well as spyware at a stronger success rate than ever. Recently, four malicious Chrome extensions have managed to target more than half a million users across the globe. Researchers from the security firm ICEBRG became aware of the findings after detecting a suspicious spike in the outbound network traffic coming from a consumer workstation.
They soon found out that the unusual spike was generated by a Chrome add-on namely HTTP Request Header as it made use of the infected system to secretly visit advertising-related web links. The security researchers later noticed three other malicious Chrome extensions – Nyoogle, (Custom Logo for Google), Stickies (Chrome’s Post-it Notes), and Lite Bookmarks. ICEBRG believes that these Google Chrome extensions were a part of a click-fraud scam, which spawned revenue from per-click rewards. However, researchers warned that the malevolent add-ons can be used to spy on people or organizations that installed them.
ICEBRG also stated that throughout their research, they only observed this specific threat actor using the ability to visit advertising domains for click-fraud campaigns.
Read more at How to Remove Chrome Hijackers in Minutes
Google Chrome boasts around 60% of the overall web browser market, making it a sought-after target for illegal exploitation. Over the past few months, a series of malicious Chrome extensions have been found out. One that discovered in August was utilized by Brazilian criminals to commit banking scam. Another one that surfaced in October was downloaded and installed a .cab file on victims’ system, which kept track on all the data they entered on any site and sent it to a remote server.
According to the ICEBRG note, Google has been introducing more enterprise-friendly security features to manage add-ons. The search engine Google was recently in the news for prepping up a Chrome update to mitigate Meltdown and Spectre. The firm added that Google has removed three of the malicious Chrome extensions from the Chrome Web Store. However, it’s not clear why is the fourth one, Nyoogle, still there.
You may also like: How to Use Chrome Plugin to View Instagram Stories Anonymously