Beware There Are 430 Google Chrome Extensions Infiltrated By Malware
JAKARTA - A number of extension applications on the Google Chrome browser site have been infiltrated with malware. Not a few of these applications are reported to be able to peek at the personal data of its users and upload it to third party sites.
Quoting from Wired, independent researcher Jamilia Kaya together with Cisco's Duo Security system managed to find 430 Google Chrome extensions, which secretly record users' personal data. The data is then uploaded to servers controlled by hackers or hackers.
The extension is part of a longstanding advertising and ad fraud scheme. Initially there were 71 detected existences, but then increased when a number of online stores reported hacking to their sales site, after installing a number of extension applications on Chrome.
In order not to cause more victims from this malware, Google has removed all extensions that have been listed as malicious applications. "Browser extensions have been recognized as a weak point for the security and privacy of individuals, due to their potential to be abused under the guise of useful applications."
"In the case reported here, Chrome extension maker specifically made an extension that obscures the advertising function that connects users to websites controlled by other people," said Duo Security Systems Cisco, Monday, February 17.
The biggest risk, the user's personal data will be exploited through the flow of advertisements. It also attempts to circumvent the Chrome Web Store fraud detection tool.
In other words, the user is accidentally redirected back to the ad, so that the hackers can record the traffic data for the sales site. According to the researchers, most of the victims were not aware of these effects while surfing the internet.
According to Duo, their initial investigation showed that nearly two million users had downloaded an extension that was identified as having malware. Until now, Google also has not found exactly how many people have installed this extension.
For information, it turns out that this case is not the first time that the Google Chrome extension has been misused. ZDNet reported earlier that this type of hoax involves injecting advertisements in a browsing session, but the developer tries to hide it to avoid detection.
In an even more gruesome attack, in 2018, a group of hackers used a Chrome extension to steal login credentials, mine cryptocurrency and have been involved in click fraud, also tying up more than 100,000 users.
For this reason, users who frequently surf the internet are asked to be vigilant when installing this tool in their browser, and use it only when the extension is of proper benefit. As much as possible, users are required to regularly check the extensions used so as not to fall victim to this malware.
The following are the names of file extensions indicated to have malware, Mapstrek.com; Mapsscout.com; Deluxequiz.com; Gameschill.com; Packtrackplus.com; Mapsvoyage.com; Mapsfrontier.com; Yoyoquiz.com; Recipeally.com; Supersimpletools.com; playziz.com; jumboquiz.com, for more details, see the Duolabs website.