Malicious Chrome Extensions
Half a Million Users Affected by Malicious Chrome Extensions

In this digital epoch, browser extensions continue to infect users with malware as well as spyware at a stronger success rate than ever. Recently, four malicious Chrome extensions have managed to target more than half a million users across the globe. Researchers from the security firm ICEBRG became aware of the findings after detecting a suspicious spike in the outbound network traffic coming from a consumer workstation.

They soon found out that the unusual spike was generated by a Chrome add-on namely HTTP Request Header as it made use of the infected system to secretly visit advertising-related web links. The security researchers later noticed three other malicious Chrome extensions – Nyoogle, (Custom Logo for Google), Stickies (Chrome’s Post-it Notes), and Lite Bookmarks. ICEBRG believes that these Google Chrome extensions were a part of a click-fraud scam, which spawned revenue from per-click rewards. However, researchers warned that the malevolent add-ons can be used to spy on people or organizations that installed them.

Malicious Chrome ExtensionsThe security firm began its analysis after it noticed an odd jump in outbound network traffic from a workstation at a consumer website. In that case, the traffic was allied with the domain ‘change-request[.]info’. Thus, the investigation uncovered the malicious Chrome extensions. The firm further adds that though the add-ons themselves don’t include any nasty code – that’s how they generally evade security checks – hijackers are able to ultimately enable code injections and implement arbitrary JavaScript code through the add-ons.

ICEBRG also stated that throughout their research, they only observed this specific threat actor using the ability to visit advertising domains for click-fraud campaigns.

ICEBRG found Four Malicious Chrome Extensions

Read more at How to Remove Chrome Hijackers in Minutes

Google Chrome boasts around 60% of the overall web browser market, making it a sought-after target for illegal exploitation. Over the past few months, a series of malicious Chrome extensions have been found out. One that discovered in August was utilized by Brazilian criminals to commit banking scam. Another one that surfaced in October was downloaded and installed a .cab file on victims’ system, which kept track on all the data they entered on any site and sent it to a remote server.

According to the ICEBRG note, Google has been introducing more enterprise-friendly security features to manage add-ons. The search engine Google was recently in the news for prepping up a Chrome update to mitigate Meltdown and Spectre. The firm added that Google has removed three of the malicious Chrome extensions from the Chrome Web Store. However, it’s not clear why is the fourth one, Nyoogle, still there.

You may also like: How to Use Chrome Plugin to View Instagram Stories Anonymously

Summary
Article Name
Half a Million Users Affected by Malicious Chrome Extensions
Description
Recently, four malicious Chrome extensions have managed to target more than half a million users across the globe. Researchers from the security firm ICEBRG became aware of the findings after detecting a suspicious spike in the outbound network traffic coming from a consumer workstation. Click on the link to read more.
Author
Publisher Name
SoftwareVilla
Publisher Logo