Begin typing your search above and press return to search.
The new Parliament
access_time 25 Sep 2023 11:49 AM GMT
Amid India-Canada diplomatic row
access_time 22 Sep 2023 4:00 AM GMT
K Radhakrishnan
access_time 21 Sep 2023 4:00 AM GMT
Womens quota in legislatures
access_time 20 Sep 2023 5:24 AM GMT
Extended Congress CWC meet raises hopes
access_time 19 Sep 2023 5:11 AM GMT
Schools breeding hatred
access_time 14 Sep 2023 10:37 AM GMT
access_time 16 Aug 2023 5:46 AM GMT
Remembering the Teachers
access_time 5 Sep 2023 6:24 AM GMT
Homechevron_rightTechnologychevron_rightGoogle removes...

Google removes malicious Chrome extensions with 75 mn installs from Web Store

Google removes malicious Chrome extensions with 75 mn installs from Web Store

San Francisco: Google has removed 32 malicious extensions from the Chrome Web Store, totalling 75 million downloads, that could alter search results, push spam or unwanted ads.

According to BleepingComputer, the extensions included legitimate functionality to keep users unaware of the malicious behaviour, which was delivered in obfuscated code.

In an analysis of the PDF Toolbox extension (2 million downloads) available from the Chrome Web Store, cybersecurity researcher Wladimir Palant found code that was disguised as a legitimate API wrapper.

The researcher explained that the code allowed the "serasearchtop[.]com" domain to inject arbitrary JavaScript code into any website the user visited.

Moreover, the report said that abuse possibilities range from inserting advertisements into webpages to stealing sensitive information.

However, the researcher did not observe any malicious activity, but the code's purpose remained unclear.

The researcher also discovered that the code was set to activate 24 hours after installing the extension, which is typical of malicious intent, the report mentioned.

Palant later discovered the same suspicious code in another 18 Chrome extensions, including Autoskip for Youtube and Soundboost, which had a total download count of 55 million.

Despite Palant’s efforts to report the extensions to Google, they remained available in the Chrome Web Store. Avast later reported the extensions to Google after confirming their malicious nature, expanding the list to 32 entries.

Meanwhile, Google has blocked the notorious CryptBot malware, which the company claims have stolen data from hundreds of thousands of Chrome browser users in the past year.

According to the company, CryptBot is a type of malware often referred to as an 'infostealer' because it is designed to identify and steal sensitive information from victims' computers such as authentication credentials, social media account logins, cryptocurrency wallets, and more.

Users should note that the removal of extensions from the Chrome Web Store does not automatically deactivate or uninstall them from their browsers and so manual action is required to eliminate the risk.

Show Full Article
TAGS:GoogleChrome extensions
Next Story