Home Cyber Attack 500 Malicious Extensions Removed From Chrome That Previously Barraged Users With Ads
Cyber AttackHacking NewsLatest Cyber Security News | Network Security HackingNews

500 Malicious Extensions Removed From Chrome That Previously Barraged Users With Ads

by Abeerah Hashim
written by Abeerah Hashim
DoubleX extension analyzer tool

Google Web Store had hundreds of malicious Chrome extensions that used to barrage users with advertisements. Google has now removed 500 such extensions.

Malicious Chrome Extensions Throwing Ads

Reportedly, security researcher Jamila Kaya, with Cisco’s Duo Security, found a flurry of malicious Chrome extensions on Google Web Store. Kaya discovered that the extensions copied other legit add-ons to fool users and execute malicious activity.

The researcher discovered these extensions by using the Duo Labs tool for analyzing Chrome extensions, CRXcavator. As revealed in a blog post, Kaya and Duo found dozens of browser extensions on the Chrome Store that barraged users with ads.

While these extensions posed like a legit-working add-on, they also injected scripts to users’ browsing sessions, redirecting them to other sites. Though, some of these redirections went to legit websites, such as BestBuy, Dell, or Macy’s, most redirections linked to malicious websites.

These extensions, together, affected over 1.7 million users.

Technical details about this study and the list of the said extensions are available in Duo Labs’ post.

Google Removed The Extensions

At first, Kaya found a few dozens of such extensions that seemingly belonged to the same network. Later, Kaya and Duo reached out to Google informing them of the malicious add-ons.

Consequently, Google began investigating the matter and unveiled 500 such malicious extensions. Eventually, the tech giant removed all the extensions from the Web Store. As per their statement,

We appreciate the work of the research community, and when we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses. We do regular sweeps to find extensions using similar techniques, code, and behaviors and take down those extensions if they violate our policies.

Though, the malicious extensions linked in this campaign no more exist on the Web Store. Yet, the researchers still advise the users to stay vigilant while using browser add-ons.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses

GoPlus’s Latest Report Highlights How Blockchain Communities Are...

C2A Security’s EVSec Risk Management and Automation Platform...

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs