If your search results have seemed off, or you’ve noticed an uptick in unwanted ads, you might have accidentally installed one of the 32 malicious Chrome extensions recently struck from the Chrome Web Store. Ranging from an automatic ad-skipper for YouTube videos to a clipboard manager to a VPN, these extensions provided the advertised functionality while also containing hidden, problematic code.
As reported by Bleeping Computer, security researcher Wladimir Palant first spotted the harmful code in an extension called PDF Toolbox in mid-May. It allowed JavaScript code to be injected into any website the user visited, opening the possibility for additional ads to appear on websites or the capture of data like banking info or credit card numbers. This behavior activated 24 hours after the extension’s installation.
In late May, Palant found and reported an additional 18 extensions with similar malicious code to Google, with the top downloads including Autoskip for YouTube, Soundboost, Crystal ad blocker, Brisk VPN, Clipboard Helper, and Maxi Refresher. The total increased to 34 by early June. You can see the full detailed list and read about the technical particulars in Palant’s write-up. In total, the extensions have a combined 75 million downloads (though Palant believes those numbers might be inflated).
Cybersecurity company Avast confirmed Palant’s findings, calling the extensions “adware”—which matches the reports of unwanted redirections and search result hijacking in user reviews. It also reported the extensions to Google, which has since taken action and has removed the extensions from the Chrome Web Store.
If you downloaded one of the malicious add-ons, you must remove it from your browser yourself. Their removal from the Chrome Web Store doesn’t automatically delete them. To do so, click the puzzle-piece icon in the upper-right corner of Chrome, choose Manage Extensions, and use the Remove button to rid your browser of the offending add-on.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoAiStream. Web3 Data Intelligence. Knowledge Amplified. Access Here.
- Minting the Future w Adryenn Ashley. Access Here.
- Buy and Sell Shares in PRE-IPO Companies with PREIPO®. Access Here.
- Source: https://www.pcworld.com/article/1942295/your-pc-might-have-a-malicious-chrome-extension-installed.html
- 24
- a
- About
- Action
- Ad
- Add-on
- Additional
- Ads
- after
- allowed
- also
- an
- and
- any
- automatic
- automatically
- Banking
- BE
- believes
- browser
- button
- by
- called
- calling
- CAN
- capture
- card
- choose
- Chrome
- chrome extension
- click
- code
- combined
- company
- confirmed
- corner
- credit
- credit card
- Crystal
- data
- detailed
- do
- downloads
- Early
- extension
- extensions
- findings
- For
- from
- full
- functionality
- harmful
- has
- Have
- hidden
- hours
- HTML
- HTTPS
- ICON
- in
- Including
- increased
- info
- installation
- into
- IT
- JavaScript
- june
- late
- like
- List
- manager
- matches
- May
- might
- million
- must
- numbers
- of
- off
- on
- One
- opening
- or
- PC
- plato
- plato data intelligence
- platodata
- platogaming
- possibility
- provided
- read
- recently
- remove
- removed
- reported
- Reports
- result
- Results
- Reviews
- Search
- security
- see
- similar
- since
- So
- store
- taken
- Technical
- The
- their
- Them
- These
- this
- those
- though
- to
- top
- total
- use
- User
- Videos
- visited
- VPN
- web
- Website
- websites
- while
- with
- you
- your
- yourself
- youtube
- zephyrnet
