Web browser users face urgent security risk as millions warned to remove dangerous extensions
- Replies 0
In the digital age, where convenience and connectivity are king, our tools to navigate the web can sometimes lead us into treacherous waters.
For the 3.2 million users of Google Chrome, a popular web browser, an urgent call to action has been issued: delete certain browser extensions immediately.
Cybersecurity experts have sounded the alarm on 16 compromised browser extensions that have fallen into the hands of hackers.
These nefarious individuals have injected malicious code into the extensions, which can lead to the theft of user data and the perpetration of 'search engine fraud'—a scheme that generates ad revenue by driving clicks to hacker-controlled websites.
The compromised extensions include a variety of tools that many users may find helpful, such as Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome, YouTube Picture in Picture, Mike Adblock for Chrome, Super Dark Mode, Emoji Keyboard Emojis for Chrome, Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy, Page Refresh, and Wistia Video Downloader.
The vigilant team at GitLab Threat Intelligence discovered this security breach and noted that while Google Chrome has removed these extensions from its Web Store, the responsibility falls on users to delete them from their browsers manually.
The best defence against a hijacked browser extension is to exercise caution and due diligence when installing new programs on your computer.
This includes reading reviews that may highlight potential dangers and checking the 'permissions' of extension requests.
Permissions dictate which files or devices the program can access with the user's consent.
Unlike Android phone apps that do not support Chrome extensions, which are typically installed on computers,
This means the threat is confined to desktop users.
The hackers behind this scheme didn't create these extensions; instead, they took control of legitimate ones through phishing attacks on developers.
In some cases, developers were duped into handing over control of their creations.
Once in control, the hackers injected malicious updates into the extensions.
Users who installed these extensions unwittingly opened the door to potential cyber-attacks.
As Notebookcheck points out, these changes often went unnoticed by users who had previously granted permissions to the extensions, allowing attackers to manipulate web activity in real time.
All of the compromised extensions requested permissions that enabled them to interact with any website the victim visited, which allowed malicious code to be injected into those websites.
These Chrome add-ons could spread the hacker's code wherever the user browsed.
Before installing a new browser extension, it's crucial to read feedback about the program to see if other users have reported encountering malware or other issues.
Tech experts from Tom's Guide highlight that while browser extensions can enhance the internet experience, they are not as heavily regulated as smartphone apps.
Many extensions are developed by small companies or individual programmers, making it difficult to ascertain their legitimacy.
Tom's Guide recommends that Chrome users meticulously review the permission settings of extensions they consider installing and read program reviews for any signs of problems or suspicious activity.
GitLab Threat Intelligence has revealed that several users of the 16 hijacked extensions had warned others against installing them after experiencing browser hacks.
The exploitation of trusted software distributors and the reputation of the Chrome Web Store has made this attack particularly effective.
This incident follows a recent warning to billions of Google email users about an advanced phishing tool that can steal real-time web security details.
James Knight, a cyber warfare expert with 25 years of experience, advises everyone to have an active spam filter on their accounts to block phishing emails.
Any suspicious emails that direct you to click on a link should be deleted immediately if they bypass the spam filter.
According to the FBI, phishing schemes were the most frequently reported form of internet crime in 2023, accounting for nearly one-third of all cybercrimes that year.
In addition to deleting these extensions, tech experts urge those who installed the programs to use antivirus software to scan their computers for signs of malware or other viruses.
For our tech-savvy seniors, this serves as a reminder to remain vigilant and proactive in protecting your digital life.
Regularly updating your software, using strong, unique passwords, and being sceptical of unsolicited communications are key steps in safeguarding your online presence.
Credit: YouTube
Have you checked your browser extensions recently to ensure none of them pose a security risk? How do you protect your personal data from online threats like compromised extensions? Let us know in the comments below.
For the 3.2 million users of Google Chrome, a popular web browser, an urgent call to action has been issued: delete certain browser extensions immediately.
Cybersecurity experts have sounded the alarm on 16 compromised browser extensions that have fallen into the hands of hackers.
These nefarious individuals have injected malicious code into the extensions, which can lead to the theft of user data and the perpetration of 'search engine fraud'—a scheme that generates ad revenue by driving clicks to hacker-controlled websites.
Over three million Google Chrome users were urged to remove 16 compromised extensions containing malicious code. Credit: Depositphotos
The compromised extensions include a variety of tools that many users may find helpful, such as Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome, YouTube Picture in Picture, Mike Adblock for Chrome, Super Dark Mode, Emoji Keyboard Emojis for Chrome, Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy, Page Refresh, and Wistia Video Downloader.
The vigilant team at GitLab Threat Intelligence discovered this security breach and noted that while Google Chrome has removed these extensions from its Web Store, the responsibility falls on users to delete them from their browsers manually.
The best defence against a hijacked browser extension is to exercise caution and due diligence when installing new programs on your computer.
This includes reading reviews that may highlight potential dangers and checking the 'permissions' of extension requests.
Permissions dictate which files or devices the program can access with the user's consent.
Unlike Android phone apps that do not support Chrome extensions, which are typically installed on computers,
This means the threat is confined to desktop users.
The hackers behind this scheme didn't create these extensions; instead, they took control of legitimate ones through phishing attacks on developers.
In some cases, developers were duped into handing over control of their creations.
Once in control, the hackers injected malicious updates into the extensions.
Users who installed these extensions unwittingly opened the door to potential cyber-attacks.
As Notebookcheck points out, these changes often went unnoticed by users who had previously granted permissions to the extensions, allowing attackers to manipulate web activity in real time.
All of the compromised extensions requested permissions that enabled them to interact with any website the victim visited, which allowed malicious code to be injected into those websites.
These Chrome add-ons could spread the hacker's code wherever the user browsed.
Before installing a new browser extension, it's crucial to read feedback about the program to see if other users have reported encountering malware or other issues.
Tech experts from Tom's Guide highlight that while browser extensions can enhance the internet experience, they are not as heavily regulated as smartphone apps.
Many extensions are developed by small companies or individual programmers, making it difficult to ascertain their legitimacy.
Tom's Guide recommends that Chrome users meticulously review the permission settings of extensions they consider installing and read program reviews for any signs of problems or suspicious activity.
GitLab Threat Intelligence has revealed that several users of the 16 hijacked extensions had warned others against installing them after experiencing browser hacks.
The exploitation of trusted software distributors and the reputation of the Chrome Web Store has made this attack particularly effective.
This incident follows a recent warning to billions of Google email users about an advanced phishing tool that can steal real-time web security details.
James Knight, a cyber warfare expert with 25 years of experience, advises everyone to have an active spam filter on their accounts to block phishing emails.
Any suspicious emails that direct you to click on a link should be deleted immediately if they bypass the spam filter.
According to the FBI, phishing schemes were the most frequently reported form of internet crime in 2023, accounting for nearly one-third of all cybercrimes that year.
In addition to deleting these extensions, tech experts urge those who installed the programs to use antivirus software to scan their computers for signs of malware or other viruses.
For our tech-savvy seniors, this serves as a reminder to remain vigilant and proactive in protecting your digital life.
Regularly updating your software, using strong, unique passwords, and being sceptical of unsolicited communications are key steps in safeguarding your online presence.
Credit: YouTube
