Google removes 32 malicious Chrome extensions with 75mn installs
Google has removed 32 malicious extensions from the Chrome Web Store, totalling 75 million downloads, that could alter search results and push spam or unwanted ads.
 
According to BleepingComputer, the extensions included legitimate functionality to keep users unaware of the malicious behaviour, which was delivered in obfuscated code.
 
In an analysis of the PDF Toolbox extension (2 million downloads) available from the Chrome Web Store, cybersecurity researcher Wladimir Palant found code that was disguised as a legitimate API wrapper.
 
The researcher explained that the code allowed the "serasearchtop[.]com" domain to inject arbitrary JavaScript code into any website the user visited.
 
Moreover, the report said that abuse possibilities range from inserting advertisements into webpages to stealing sensitive information.
 
However, the researcher did not observe any malicious activity, so the code's purpose remained unknown.
 
The researcher also discovered that the code was set to activate 24 hours after installing the extension, which is typical of malicious intent, the report mentioned.
 
Meanwhile, Google has blocked the notorious CryptBot malware, which the company claims have stolen data from hundreds of thousands of Chrome browser users in the past year.
 
According to the company, CryptBot is a type of malware often referred to as an 'infostealer' because it is designed to identify and steal sensitive information from victims' computers such as authentication credentials, social media account logins, cryptocurrency wallets, and more.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
Comments
Array
Free Helpline
Legal Credit
Feedback