Google removed over 500 malicious Chrome extensions that affected 1.7 million users | HT Tech
Home Tech Tech News Google removed over 500 malicious Chrome extensions that affected 1.7 million users

Google removed over 500 malicious Chrome extensions that affected 1.7 million users

Google with security researchers removed over 500 malicious Chrome extensions which are expected to be part of a larger campaign.

By: HT CORRESPONDENT
| Updated on: Feb 14 2020, 17:48 IST
Icon
Google was harbouring 500 malicious Chrome extensions.
Google was harbouring 500 malicious Chrome extensions. (Pixabay)
Google was harbouring 500 malicious Chrome extensions.
Google was harbouring 500 malicious Chrome extensions. (Pixabay)

Google has been removed over 500 malicious Chrome extensions from its Web Store. These Chrome extensions are said to have been part of a large malware operation and were active for two years.

Google worked with independent security researcher Jamila Kaya and Cisco's Duo Security to investigate and uncover the malicious Chrome extensions. Duo Security's Chrome extension security tool CRXcavator to identify copycat Chrome extensions that infected users by injecting malicious ads. Over 1.7 million users were found to be affected by these malicious Chrome extensions.

These extensions even managed to bypass the fraud detection of the Chrome Web Store. Further investigation revealed these infected Chrome extensions could have been part of a larger campaign to hack into users' browsers and extract data. How hackers managed to do this is through a popular technique called "malvertising". Hackers manage to utilise advertising cookies and redirects through which they control callbacks and bypass detection on the Chrome Web Store.

"Malvertising often occurs within other programs, acting as a vehicle for multiple forms of fraudulent activity, including ad-fraud, data exfiltration, phishing, and monitoring and exploitation. Alternatively, it also emerges in multipart malicious campaigns that involve advertising collection and defraudment," Jamila Kaya and Jacob Rickerd explains in a blog post.

Another reason behind this is the nature of browser extensions which are known to have weak security and privacy.

"The Chrome extension creators had specifically made extensions that obfuscated the underlying advertising functionality from users. This was done in order to connect the browser clients to a command and control architecture, exfiltrate private browsing data without the users knowledge, expose the user to risk of exploit through advertising streams, and attempt to evade the Chrome Web Store's fraud detection mechanisms," the security researchers further explained.

Although the Chrome extensions have been removed hackers could still target browser extensions. The security researchers advises users to check the browser extensions they user, to remove those unused and also to report any unknown ones.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 14 Feb, 17:01 IST
Trending: apple announces special event themed ‘let loose’: here's how to watch and what to expect bored of your instagram explore feed? here’s how you can change, reset it ipad air 2024 launch: better camera, mini-led display and what more to expect from apple apple may open 3 more stores in these cities across india after apple saket, bkc- check locations and all details how to change whatsapp font style and font size in chat window how to hide your instagram online status from others google releases android 15 beta 1.1- update your smartphone to fix performance issues windows 11 system requirements a pain? know the hack to bypass them samsung galaxy s23 fe gets galaxy ai features with one ui 6.1 update- all details google to launch a new ‘anti-virus’ system for apps, reveals android 15 beta release
NEXT ARTICLE BEGINS

Tips & Tricks

WhatsApp banned
WhatsApp banned my number. What’s the solution? Step-by-step guide to ‘unban’ your account
Consider Tonnage
Don't forget these 5 things while buying ACs online
Productivity
Otter AI: How to use this AI meeting assistant app to automatically take notes, transcripts, more
Pixel 8 Pro's Pro
Know how to master Pro Controls on the Google Pixel 8 Pro - check top 4 tips
ChatGPT Plus
How to edit images generated by DALL-E in ChatGPT: Step-by-step guide

Editor’s Pick

Digi Yatra
Digi Yatra users, delete the old app right now- Here’s how to download the new app and use it at airports
iPhone 15
iPhone 16 leaks summarised: Colours, A-series chip and what more to expect from Apple in 2024
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
HDFC Bank alerts about a few common ‘bad habits’ of smartphone users that make it easy for them to fall prey to hacking attempts and scams.
Online scams: 5 habits of smartphone users that make life easy for hackers, warns HDFC Bank
Moto Edge 50 Pro
Motorola Edge 50 Pro review: Should you buy this new AI smartphone under 35,000?

Trending Stories

Dbrand
MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
GTA_6
GTA 6 leaks: What we know so far about Grand Theft Auto 6
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
Google Vids
Google Vids- All details about this new AI video app and how to use it
iPhone 13
Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
keep up with tech

Gaming

GTA 5 ‘James Bond Trevor’ DLC cancelled: Voice actor speaks out
GTA 5 ‘James Bond Trevor’ DLC cancelled: Voice actor speaks out
Microsoft Unveils Phi-3- its smallest AI model that can run on smartphones- All details
Microsoft Unveils Phi-3- its smallest AI model that can run on smartphones- All details
GTA 6 map may be nearly 3 times larger than Grand Theft Auto 5: All details of the upcoming game
GTA 6 map may be nearly 3 times larger than Grand Theft Auto 5: All details of the upcoming game
Garena Free Fire MAX Redeem Codes for April 24
Garena Free Fire MAX Redeem Codes for April 24: Chance to get 100% bonus diamonds
Garena Free Fire
Garena Free Fire Redeem Codes for April 24: Know how to win every battle with ease

Best Deals For You

oneplus 256 GB smartphones
Top 7 Oneplus 256 GB smartphones: Unleashing power and storage
iPhone 15
Croma announces Everything Apple Campaign; Check offers on iPhone 15, Macbook Air and more
Lenovo
Lenovo unveils AI-powered gaming lineup in India - Legion Pro Series takes center stage
best laptop under rs 60000
10 Best laptop under 60000: Lenovo Vs Asus
best smartwatch brands
Top 10 smartwatch brands: Leading the market with innovation

    Trending News

    MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
    Dbrand
    GTA 6 leaks: What we know so far about Grand Theft Auto 6
    GTA_6
    10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
    STScI-01HFQ5YXZ04PF608HQB0KRTF3S
    Google Vids- All details about this new AI video app and how to use it
    Google Vids
    Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
    iPhone 13

    Trending Gadgets

    Mobiles Laptops Tablets