Over 50 malicious Chrome extensions are secretly spying on you2025-04-18 17:03 by DanielaTags: Chrome
Secure Annex cybersecurity researcher John Tuckner has identified 57 malicious Chrome extensions that can be used to track your activities or run malware. Although most of the extensions in question aren't available on the Chrome Web Store, they've still been downloaded over 6 million times, BleepingComputer reports. The most popular of the extensions is called Cuponomia: Coupons and Cashback (with 700,000+ users), followed by Fire Shield Extension Protection and Total Safety for Chrome (with 300,000+ users each). You can view the full list of extensions in this spreadsheet. Due to trickery like false promises of increased security and/or the potential to earn real-world money, many users have been lured into downloading these malicious extensions via ads or scam sites. The malicious extensions found on the Chrome Web Store have been removed as of this writing, but it will be difficult - if not impossible - to tackle the ones spreading via other channels. While Tuckner didn't catch any extensions stealing user passwords or cookies, the excessively risky capabilities, heavily obfuscated code, and hidden logic were enough for the researcher to label them as risky and, potentially, spyware. "There are additional obfuscated signals in other functions that there is significant command and control potential like the ability to list top sites visited, open/close tabs, get top sites visited, and run many of the capabilities above in an ad hoc manner," explains Tuckner. "Many of these capabilities have not been validated, but again, the presence of this capability in 35 extensions which claim to do simple things like protect you from malicious extensions is quite concerning." Read more -here-
Post your review/comments
rate:
avg:
|