 |
| Chrome Extensions Are Malware |
Remove these 5 malicious extensions from your Google Chrome browser now The best Google Chrome extensions can add useful functions to the popular web browser but can also be used to spread malware and threaten your cybersecurity A recent report from security firm McAfee identified five extensions that promise to enhance your browser but it actually steals your data.
McAfee published a report on Monday detailing five 5 malicious browser extensions available on the Chrome Web Store including "Netflix Party", "FlipShope - Price Tracker Extension", "Full Page Screenshot Capture - Screenshot", and "AutoBuy" extensions. "Flash Sales", and each of them has over 20,000 downloads with over 1,400,000 downloads combined.
As each extension works on-page changes in the browser and every time the user navigates to a new page the extension sends the URL of the page to a remote server to check if the affiliate's revenue code can be entered, many sites include an affiliate code in links to shopping sites which provides them Sometimes a small percentage of revenue, however, most offending extensions aren't about buying items at all and injecting code to all potential pages, and McAfee also found evidence that some extensions wait 15 days after they've been installed to start injecting affiliate code likely to avoid initial detection.
Remove these 5 malicious extensions from your Google Chrome browser now The best Google Chrome extensions can add useful functions to the popular web browser but can also be used to spread malware and threaten your cybersecurity A recent report from security firm McAfee identified five extensions that promise to enhance your browser but it actually steals your data.
McAfee published a report on Monday detailing five 5 malicious browser extensions available on the Chrome Web Store including "Netflix Party", "FlipShope - Price Tracker Extension", "Full Page Screenshot Capture - Screenshot", and "AutoBuy" extensions. Flash Sales", and each of them has over 20,000 downloads with over 1,400,000 downloads combined.
As each extension works on-page changes in the browser and every time the user navigates to a new page the extension sends the URL of the page to a remote server to check if the affiliate's revenue code can be entered, many sites include an affiliate code in links to shopping sites which provides them Sometimes a small percentage of revenue, however, most offending extensions aren't about buying items at all and injecting code to all potential pages, and McAfee also found evidence that some extensions wait 15 days after they've been installed to start injecting affiliate code likely to avoid initial detection.
And Google is eliminating malicious extensions using the new Manifest V3 standard, compared to older Manifest V2 technology (used by at least one extension) Manifest V3 gives people more control over what page extensions can access, and Manifest V3 also blocks remote-hosted code Which will prevent some (but not all) behavior reported by McAfee, as the most popular Netflix Party extension that had over 800,000 users was removed from the Chrome Web Store.
"Full Page Screenshot Capture" is still marked "Featured" in the store, so if you have any installed be sure to remove them, it's a credit to Google that they take a hard stance against these malicious add-ons and have already removed both the Netflix Party extension from the Chrome Store email, however, others are still available for download, moreover even if an extension is removed from the Chrome store users who previously downloaded the extension still need to take action, you will need to manually remove the extensions from your browser to protect yourself entirely and to ensure that your security is not breached on the Internet.
How to protect yourself from malicious browser extensions:
In order to protect yourself and your data from browser extension threats, we recommend that you first use Kaspersky to use only trusted sources to download software, as malware and other unwanted applications are often distributed through third-party resources where they are not subject to the same security checks as official web stores, and even When downloading a browser extension from a trusted source you still have to carefully consider any access requests before agreeing to them, and as the above five examples have proven, even reputable online stores can host extensions with malicious intent.
At the same time, it is also useful to limit the number of extensions you use and to periodically review the extensions you have installed in your browser, as McAfee pre-identifies the extensions that appear fine at first but after a certain period of time start collecting your data, so make sure you are constantly checking what you are looking for About permission extensions, and finally you should have one of the best antivirus solutions installed on all your devices as it can identify malicious extensions and warn you that they must be removed before your data falls into the wrong hands.
0 Comments