hacks

Kaspersky reveals malicious Chrome extensions

11 2 minutes read

Kaspersky has revealed a list of malicious Google Chrome extensions in its blog post. The company has discovered over 30 Google Chrome extensions with malicious payloads that have received a combined 87 million downloads. One of the apps even had over 9 million downloads. The blog post also suggested users ways to defend themselves against these kinds of situations

The company’s investigation was sparked by the discovery of the PDF Toolbox plugin, which allowed users to view any page and have any code placed on it. Additional investigations turned up a total of 34 harmful extensions, each of which was advertised as performing a particular function.

Although the browser add-ons have already been taken down from the Chrome Web Store, Kaspersky is quick to stress that users should check the list of suspicious add-ons and take any harmful ones off their devices because they will still be present. Here is the full list of extensions:

Autoskip for Youtube
Soundboost
Crystal Adblock
Brisk VPN
Clipboard Helper
Maxi Refresher
Quick Translation
Easyview Reader view
PDF Toolbox
Epsilon Ad blocker
Craft Cursors
Alfablocker ad blocker
Zoom Plus
Base Image Downloader
Clickish fun cursors
Cursor-A custom cursor
Amazing Dark Mode
Maximum Color Changer for Youtube
Awesome Auto Refresh
Venus Adblock
Adblock Dragon
Readl Reader mode
Volume Frenzy
Image download center
Font Customizer
Easy Undo Closed Tabs
Screence screen recorder
OneCleaner
Repeat button
Leap Video Downloader
Tap Image Downloader
Qspeed Video Speed Controller
HyperVolume
Light picture-in-picture

Kaspersky

Palant found an “additional functionality”

“It all began when cybersecurity researcher Vladimir Palant found an extension called PDF Toolbox containing suspicious code in the Chrome Web Store. At first glance, it was a perfectly respectable plugin for converting Office documents and performing other simple operations with PDF files,” said Kaspersky in the blog post.

“PDF Toolbox boasted an impressive user base and good reviews, with close to two million downloads and an average score of 4.2. However, inside this extension interesting “additional functionality” was discovered: the plugin accessed a serasearchtop[.]com site, from where it loaded arbitrary code on all pages viewed by the user,” it continued.

According to the blog post, Palant found “a couple dozen” extensions on the Chrome Web Store accessing the same server. All these extensions had over 87 million downloads.

Thank you for being a Ghacks reader. The post Kaspersky reveals malicious Chrome extensions appeared first on gHacks Technology News.

gHacks Technology News 

11 2 minutes read

Related Articles

How to login Claude 2 AI

X starts scraping what’s left of Twitter

EmuOS: run retro games and apps right in your browser

Brave is testing a Quick Commands feature

© Copyright 2024, All Rights Reserved  |  Tarek el ESS | Proudly Hosted by WebLebHost
Back to top button