CERT-In warns users malicious Google Chrome extensions: Here are some tips to safeguard yourself
CERT has said that a total of 106 Chrome extensions contain codes to bypass Google’s Chrome Web Store security scans.
The Computer Emergency Response Team of India (CERT-In) on Wednesday issued an advisory warning the internet users in India about the malicious Google Chrome extensions that were collecting “sensitive user data.”
The country’s cyber security arm in its advisory said that a total of 106 Chrome extensions that were found to pose as tools to improve web searches, convert files between various formats and security scanners among others contained codes to bypass Google’s Chrome Web Store security scans. Once installed, these Chrome extensions could take screenshots, read the clipboard, harvest authentication cookies and grab user keystrokes to read passwords and other confidential information.
Now, the organisation has shared some tips that will enable users to stay safe:
-- Uninstall the malicious Chrome extensions from Chrome web browser on your personal computer. You can check the entire list of extensions flagged by CERT-In here.
-- Install the extensions that are absolutely necessary for you. Avoid installing unnecessary extensions.
-- Check for user reviews before installing an extension on Chrome.
-- Uninstall extensions that are no longer in use.
-- Install extensions only from the verified sources.