Extensions for the internet’s most popular platforms may contain malicious software and should be uninstalled
Browser extensions are usually useful, sometimes fun — and occasionally dangerous.
That’s the case for at least 28 browser extensions analyzed by Avast Threat Intelligence researchers after the threat was identified by Czech researchers at CZ.NIC. The affected extensions contain malware and include Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock, as well as additional browser extensions for Google Chrome and Microsoft Edge. According to the browser store download numbers, more than three million people may be affected worldwide.
“Our hypothesis is that either the extensions were deliberately created with the malware built in, or the author waited for the extensions to become popular and then pushed an update containing the malware,” Avast researcher Jan Rubin says. “It could also be that the author sold the original extensions to someone else after creating them and then his client introduced the malware afterwards.”
The infected JavaScript-based extensions contain malicious code that makes it possible to download even more malware to a person’s computer. They also manipulate all links that the victims click on after downloading the extensions. For example, links in Google Search leads users to other, seemingly random, sites. This includes phishing sites and ads.
“We believe that these domains are not owned by the cybercriminals, but that the owners of these domains pay the cybercriminals for every redirection,” Rubin says.
Clicking on the links also causes the ..
Support the originator by clicking the read the rest link below.
