i did it! Google has just removed over 500 malicious Chrome extensions

i did it! Google has just removed over 500 malicious Chrome extensions

Google has removed more than 500 malicious Chrome extensions from its web store after security researchers exposed the behavior of malware that inserts objectionable ads into users' browsing sessions.

Cisco's Duo Security team shared a report with ZDNet and discovered malicious code that is activated under certain conditions and redirects users during browsing. The redirects ranged from affiliate links on retail sites like Dell and BestBuy to malware downloads and phishing pages.

According to the report, the malware-injecting extensions are related to a larger operation that has been in place for at least two years. It is believed that the malicious vendors behind the code may have been active since the early 2010s.

Security researcher Jamila Kaya told ZDNet that she discovered the network of malicious extensions during a routine threat investigation using Duo's free CRXcavator tool, which analyzes the security of Chrome plugins. She noticed a common URL pattern among the redirected sites.

"Individually, we identified over a dozen extensions that shared the pattern," Kaya told ZDNet.

"Once we contacted Duo, they were able to use the CRXcavator database to quickly fingerprint and discover the entire network.

Duo believes that 1.7 million users had installed the first extension Kaya identified. However, Google flagged hundreds more malicious extensions in its own security sweep. It is unclear how many of these 500+ plugins have been installed.

Duo's report is a reminder that Google has an ongoing malware problem; security issues with Chrome extensions occur with alarming regularity. The company is working to tighten restrictions on extensions, but there are still concerns.

Google has removed over 500 malicious extensions from its web store and disabled them within users' browsers. If you have a malicious extension installed in your browser, Google has labeled it as "malicious" and you should remove it and not reactivate it.

Duo publishes an index of malicious extensions if you are unsure whether you have one or more malicious extensions installed in your browser.

Security companies also recommend that you regularly audit your installed extensions, remove those you do not use, and flag those you do not recognize. Some antivirus programs can detect and remove malicious browser extensions.

Categories