Rogue Google Chrome Extension Spies On You

[Petrovic]

The popular Google Chrome browser has some of the best security tools baked in with features such as Safebrowsing which protects users from malicious websites. By extension, ChromeOS which powers the affordable Chromebooks is indeed one of the safest systems one can get these days.

 

Even though the surface of attack is smaller than that of a typical Windows PC, online crooks will always find a way to abuse the system. One of the main points of entry is via rogue browser extensions which are increasingly becoming a problem and are being leveraged in various types of attacks ranging from data theft, spying, pop up ads and more.

 

Chrome extensions are very much like Android Apps as they require certain permissions (access to your contacts, microphone, camera, etc…) and unfortunately more often than not, they require more rights than they ought to have. Additionally, a lot of people don’t really understand what those mean and will install these extensions and forget about them.

 

This makes it an ideal situation for threat actors to aggressively push bogus apps and use a little bit of social engineering to coerce end users into downloading malware laden extensions.

 

Case in point, we recently came across a malvertising incident pushing a site forcing us to install a Chrome extension called iCalc. There was no clean way of closing the window and refusing to install this program. As soon as the user moved the mouse close to the address bar or near the close button, an annoying dialog accompanied by a stern audio message would pop up.

 

 

 

Full Article

[knowledge-Spammer]

again malwarebytes on it