Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024
  • Security & Privacy News

    Kaspersky reveals malicious Chrome extensions

    alf9872000

    By alf9872000,
    Published Date:

    • 355 views
    • 2 minutes
     Share
    • 355 views
    • 2 minutes

    Kaspersky has revealed a list of malicious Google Chrome extensions in its blog post. The company has discovered over 30 Google Chrome extensions with malicious payloads that have received a combined 87 million downloads. One of the apps even had over 9 million downloads. The blog post also suggested users ways to defend themselves against these kinds of situations

     

    The company's investigation was sparked by the discovery of the PDF Toolbox plugin, which allowed users to view any page and have any code placed on it. Additional investigations turned up a total of 34 harmful extensions, each of which was advertised as performing a particular function.

     

    Although the browser add-ons have already been taken down from the Chrome Web Store, Kaspersky is quick to stress that users should check the list of suspicious add-ons and take any harmful ones off their devices because they will still be present. Here is the full list of extensions:

     

    • Autoskip for Youtube
    • Soundboost
    • Crystal Adblock
    • Brisk VPN
    • Clipboard Helper
    • Maxi Refresher
    • Quick Translation
    • Easyview Reader view
    • PDF Toolbox
    • Epsilon Ad blocker
    • Craft Cursors
    • Alfablocker ad blocker
    • Zoom Plus
    • Base Image Downloader
    • Clickish fun cursors
    • Cursor-A custom cursor
    • Amazing Dark Mode
    • Maximum Color Changer for Youtube
    • Awesome Auto Refresh
    • Venus Adblock
    • Adblock Dragon
    • Readl Reader mode
    • Volume Frenzy
    • Image download center
    • Font Customizer
    • Easy Undo Closed Tabs
    • Screence screen recorder
    • OneCleaner
    • Repeat button
    • Leap Video Downloader
    • Tap Image Downloader
    • Qspeed Video Speed Controller
    • HyperVolume
    • Light picture-in-picture

     

    kaspersky-rebranding-in-details-featured

    Kaspersky

    Palant found an "additional functionality"

    "It all began when cybersecurity researcher Vladimir Palant found an extension called PDF Toolbox containing suspicious code in the Chrome Web Store. At first glance, it was a perfectly respectable plugin for converting Office documents and performing other simple operations with PDF files," said Kaspersky in the blog post.

     

    "PDF Toolbox boasted an impressive user base and good reviews, with close to two million downloads and an average score of 4.2. However, inside this extension interesting “additional functionality” was discovered: the plugin accessed a serasearchtop[.]com site, from where it loaded arbitrary code on all pages viewed by the user," it continued.

     

    According to the blog post, Palant found "a couple dozen" extensions on the Chrome Web Store accessing the same server. All these extensions had over 87 million downloads.

     

    Source

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...