After a two-month-long investigation headed by cybersecurity researcher Jamila Kaya and Cisco's Duo security team, Google has officially removed up to 500 Chrome extensions from its official web store.
The removal became imperative once it was evident that these extensions included malicious code that reportedly redirected users to affiliate sites like BestBuy or Dell, and at other times to illegitimate and little-known sites. In other cases, these Chrome extensions led to websites with malicious content, such as a malware-infected site or a site loaded with spyware.
ZDNet reported that these extensions were part of a larger malware attack that has been active for years. They reported further that the operation must have been orchestrated by a group with roots as far back as the early 2010s.
The security researchers whose findings led to the lockdown of these extensions used CRXcavator, a tool for analyzing Chrome extensions. Using this tool, they discovered that many Chrome extensions served very little purpose, gave little information about what they were for, and shared a similar codebase.
Furthermore, routine threat hunting showed that these extensions led to visits to sites with a similar URL pattern.
It is sad, however, that a large number of Google Chrome users are affected by these extensions, as the collection has a user base numbering up to 1.7 million.
After the discovery of the malicious extensions, Jamila Kaya and her team reached out to Google, which did not hesitate to take the necessary action and removed the extensions.
As the number of extensions reported by Cisco's Duo security team was not high, Google had to carry out additional research to remove more malicious extensions, bringing the total number of removed Chrome extensions to about 500.
What Extensions Were Removed?
The removed Chrome extensions are those that disrupted users' web experience by hijacking the browser and redirecting users to the operators' partner websites.
While the extensions tried to do this in an unobtrusive manner, powerful analysis tools could easily uncover them and spare users the risk of downloading unsolicited malware to their computers.
The extensions were not only removed from the Chrome Web Store; they were also disabled in every user's browser and marked "malicious" to prevent users from enabling them again. A comprehensive list of the removed extensions is given in the Duo report.