These 32 Chrome extensions offered legitimate functionalities but injected arbitrary code into any website a user visited.
By Abhik Sengupta: Google has removed 32 Chrome extensions after cybersecurity researchers discovered their malicious intent. According to cybersecurity firm Avast and researcher Wladimir Palant, most of these Chrome extensions offered legitimate functionalities but injected arbitrary code into any website a user visited. Due to this, users were infected with ads on web pages and manipulated search results. It appears that extensions did not redirect users to phishing websites, though the exact purpose remains unclear. Therefore, it is best to remove them if users have them installed. The security researchers claim these 32 extensions have over seven crore downloads, though the numbers seem inflated as the reviews on the Chrome Web Store are suspiciously low.
Days later, the researcher found similar code in over 20 Chrome extensions. By the end of May, Avast, thanks to Palant's initial research, discovered 32 malicious extensions on the Chrome web store. Some of them include Autoskip for Youtube (9 million), Soundboost (6.9 million), Crystal Ad block (6.8 million), Brisk VPN (5.6 million), Clipboard Helper (3.5 million), and Maxi Refresher (3.5 million).
Avast's investigation continues and cautions users from downloading extensions from fishy developers. The post reads, "This example is a reminder that individuals must use caution when installing extensions – even those available on official platforms like the Chrome Web Store. A rule of thumb: Always check the developer's reputation and read reviews before installing an extension. Also, be wary of extensions that request excessive permissions or seem to have unrelated functionalities.
The company promises better security with its anti-virus software. The security researcher adds that these extensions mainly earned money by redirecting search pages, though that does not mean that they still limit themselves to it now.
Cybersecurity issues remain a massive threat, especially in countries like India, where many users are unaware of online security issues. Many bad actors are finding ways to scam users via messaging platforms, such as WhatsApp. Scammers primarily try to persuade users to share sensitive OTP (one-time passwords) or log into fishy web pages.