Google Removes 89 Malicious Brower Extensions From Chrome We

As it has done many times over the past year with unwanted Android applications on its Play store, Google has removed 89 browser extensions from its official Chrome web store after a security vendor identified them as being malicious.

Google has also disabled the rogue extensions from running on the devices of over 420,000 Chrome users whose browsers were infected with the malware.

In a blog Feb. 1 security vendor Trend Micro said it discovered the browser extensions—which it has collectively dubbed Droidclub—being used to inject ads and crypto-currency mining tools into websites that the victims visited.

Further reading How Brinqa Brings Actionable Insights to Cyber-Risk... Splunk vs. LogRhythm: SIEM Head-to-Head

The malicious browser extensions also contained keylogging code to record all the actions that a user might take on different websites including all their keystrokes, mouse clicks and scrolling actions.

The code gave attackers a way to steal data that a user might enter into a web form including credit and debit cards numbers, CVV codes, phone numbers and email address, Trend Micro fraud researcher Joseph Chen wrote in the blog.

The attackers used a combination of malicious advertisements and social engineering to distribute the Droidclub extensions on end user browsers. The malicious ads typically displayed false error messages that attempted to get users to install the rogue extensions on the browsers. When users acted on the fake download prompts, the rogue extension would download to their browsers from the Chrome store.

Once installed the extension would communicate with an attacker-controlled command and control server for further instructions. The rogue extensions were designed to periodically serve up what Chen described as low-quality ads such as those associated with pornographic websites.

Trend Micro's disclosure marks the third time in under a month that security researchers have found malicious browser extensions in Google's Chrome store. In January, security vendor ICEBRG reported finding four malicious Chrome extensions in the store that had been downloaded over 500,000 times. Malwarebytes was another cyber-security company to report a similar discovery in January, though in its case the company also reported finding a rogue extension for Firefox as well.

Like the latest Droidclub extensions that Trend Micro reported this week, the malicious Chrome extension that Malwarebytes discovered was also designed to be very hard to remove. In both instances, users attempting to remove the browser extensions by visiting Chrome's extension management page were redirected instead to another page.

For Google, the proliferation of rogue browser extensions on its Chrome web store represents a problem that is similar to the one the company faces with its Play Android mobile app store.



上一篇:在观光旅行中杀死英国飞艇重庆时时全天计划四口之家的水上飞机坠毁“是由飞行员的低空转弯引起的” 下一篇:没有了


  1. Google的“mobilegeddon”:您



想说什么就说点什么吧! * 为必填字段

  • 当这个男人张开嘴时,这可能是你见过的最糟糕的事情

    一个令人毛骨悚然的视频,一个男人去看牙医会给你做噩梦-让你想立刻刷牙。令人震惊的镜头,似乎已被男性口腔卫生师记录下来,显示他张开嘴,露出一些真正令人恶心的东西。在他 ...详情