Be careful when downloading web browser extensions! A cybersecurity researcher has discovered 34 Chrome add-ons infected with dangerous spyware. And that must be removed without delay!

Be careful when downloading web browser extensions A cybersecurity researcher

Be careful when downloading web browser extensions! A cybersecurity researcher has discovered 34 Chrome add-ons infected with dangerous spyware. And that must be removed without delay!

Extensions for web browsers – such as Google Chrome, Mozilla Firefox, Microsoft Edge or Safari – are very popular with Internet users for their practicality. These additional software modules – also called plugin Or add-on in English – are added to a program to provide it with additional functions or improve existing functions. For example, there are ad blockers, PDF converters, tab management or translation tools, spelling and grammar checkers, VPNs, etc. It’s very simple, there is something for all tastes and all needs, or almost. And most of them are free.

However, caution should be exercised when downloading them – including those from official stores like the Chrome Web Store – as some contain malicious code! And since web browser extensions need access to user data to work, hackers take advantage! Kapersky cybersecurity researchers report the discovery of no less than 34 extensions, which have a total of more than 87 million downloads. One of them, Autoskip for YouTube, alone represents 9 million!

Chrome extensions corrupted: yet popular modules

It all started when Vladimir Palant, an independent computer security researcher, discovered an extension named “PDF Tollbox” with a suspicious code. Still, the app had excellent ratings – 4.2 on average – and two million downloads. But it happened to have “additional features” that allowed it to see everything users did online and arbitrarily change the content of a displayed page. The researcher took his investigation further, focusing on extensions that require full system access, and ended up detecting 34 malicious extensions. Although they have since been removed from the Chrome Web Store – after reports from many experts, complaints from some users having gone unnoticed – they are still present on the computers where they were installed – not to mention that they can still be found and installed via a search engine. Also, we advise you to uninstall them as soon as possible in order to guarantee the security of your device. Here is the list of affected extensions, listed in alphabetical order, to identify them more easily:

  • Adblock Dragon
  • Alfablocker ad blocker
  • Amazing Dark Mode
  • Autoskip for Youtube
  • Awesome Auto Refresh
  • Basic Image Downloader
  • BriskVPN
  • Clickish fun cursors
  • Clipboard Helper
  • Craft Cursors
  • Crystal Adblock
  • Cursor-A custom cursor
  • Easy Undo Closed Tabs
  • Easyview Reader view
  • Epsilon Ad blocker
  • Font Customizer
  • HyperVolume
  • Image download center
  • Leap Video Downloader
  • Light picture-in-picture
  • Maxi Refresher
  • Maximum Color Changer for Youtube
  • OneCleaner
  • PDF Toolbox
  • Qspeed Video Speed ​​Controller
  • Quick Translation
  • Read Reader mode
  • Repeat button
  • Screence screen recorder
  • Soundboost
  • Tap Image Downloader
  • Venus Adblock
  • Volume Frenzy
  • Zoom More

These extensions are capable of tracking your activities, taking screenshots, activating your microphone or camera, replacing addresses in search results with links to adware, and stealing your banking and personal data. identifiers. Delete them quickly!

Cracked Chrome Extensions: How to Avoid Them

It’s not the first time – and probably not the last! – that Google must remove corrupted extensions from its official store. Despite the Web giant’s efforts, hackers are constantly finding new techniques, each more ingenious than the next. This is why you must always be vigilant when installing anything. However, there are several tips that can help you spot infected extensions.

First of all, always download plug-ins through official stores, like the Google Web Store, as they perform an initial check and regularly remove infected software. Once in the store, check the reputation and reliability of the developer – but, as we have seen, this is not always enough to detect corrupted extensions. Finally, periodically review your installed extensions and uninstall those that you no longer use or that you do not recognize (see our practical sheet). Caution is the mother of safety !

ccn5