Avast Discovers 28 Malicious Extensions for Google Chrome, Microsoft Edge

Tech giants Microsoft and Google are now investigating a malware that disguises as browser extensions for popular apps like Facebook, Instagram, Vimeo, Soundcloud, Spotify, and even New York Times.

According to the cybersecurity provider Avast as reported by Business Insider, at least 28 malicious extensions were found on both Google Chrome and Microsoft Edge. The security firm warns internet users that the extensions they are installing on their web browsers could be malware disguising as apps and services.

Avast discovers 28 malicious extensions for Google Chrome, Microsoft Edge

(Photo : Avast)
Avast discovers 28 malicious extensions for Google Chrome, Microsoft Edge

Avast discovers 28 malicious browser extensions

The cybersecurity provider found 15 malicious extensions for Google Chrome and another 13 extensions for the Edge. This malware have infected and can ‘hijack’ the URL of around 3 million people worldwide who have installed these extensions on their web browsers. The extension alerts the hacker whenever the victim clicks on a new link.

The hacker can either redirect the user to the new URL or divert him to another destination. Redirecting the victim traffic to phishing sites and ads can ensure a steady money flow. “For every redirection to a third party domain, the cybercriminals would receive a payment,” Avast Threat Intelligence wrote in its report.

Complete list of malware-infected Chrome and Edge extensions

Check out the list below. Immediately uninstall the extension that here is Full list of extensions infected with Malware on Google Chrome and Edge:

  • App Phone for Instagram
  • App Phone for Instagram
  • DM for Instagram
  • Direct Message for InstagramTM
  • Direct Message for Instagram
  • Invisible mode for Instagram Direct Message
  • Downloader for Instagram
  • Instagram Download Video & Image
  • Instagram App with Direct Message DM
  • Stories for Instagram
  • Stories for Instagram
  • Upload photo to InstagramTM
  • Upload photo to InstagramTM
  • Universal Video Downloader
  • Universal Video Downloader
  • Video Downloader for FaceBookTM
  • Video Downloader for FaceBookTM
  • Zoomer for Instagram and FaceBook
  • VimeoTM Video Downloader
  • VimeoTM Video Downloader
  • Volume Controller
  • VK UnBlock. Works fast.
  • Odnoklassniki UnBlock. Works quickly
  • Spotify Music Downloader
  • Pretty Kitty, The Cat Pet
  • Video Downloader for YouTube
  • SoundCloud Music Downloader
  • The New York Times News

Read also: SolarWinds Breach: FireEye Discovers More than 25 Firms Compromised

Google Chrome and Edge Malware extensions can collect user data

According to the Avast report, these Google Chrome and Edge malicious extensions can also collect data. These include device information, personal details like email addresses and birth dates as well as internet activities like IP addresses, operating system, browser used, name of the device, first sign-in time, and last login time.

Google Chrome and Edge Malware extensions can collect user data

(Photo : Solen Feyissa/Unsplash)
Google Chrome and Edge Malware extensions can collect user data

Although the hacker’s primary goal is getting more ad revenue, stealing IP addresses and knowing the login time may provide information about the user’s approximate location and daily routine. This may pose more risks in the future.

While Avast only discovered these extensions in November, there are evidences that some of them are already being used since December 2018. Google and Microsoft are now looking into Avast’s findings but, for now, these extensions remain available on the Chrome Web Store and the Microsoft Edge Add-ons portal.

Avast malware researcher Jan Rubín noted that it is still unclear where these extensions have originated, but they believe they are either were deliberately created with the malware or the author may have waited for these extensions to become popular before pushing the update that contained the malware.

Rubin also added the original author may have sold the extensions to another person who may have added the malware afterwards.

admin

Leave a Reply

Your email address will not be published. Required fields are marked *