The security publisher Kaspersky is sounding the alarm regarding the recent discovery of several dozen malicious extensions in the catalog offered by Google Chrome. Some of them are widely used, but it is essential to remove them.
We already knew that malware could hide within Android mobile applications, but another Google program is also the target of malware: it is the Chrome browser. Recently, cybersecurity expert Vladimir Palant pinpointed a corrupted plugin, yet legitimately present in the Chrome Web Store : PDF Toolbox.
This extension seemed quite respectable at first glance, with many positive reviews, an overall rating of 4.2 out of 5, and nearly two million downloads. The problem is that its installation within Chrome gives access to the serasearchtop.com site, which allowed the hackers behind the extension to load arbitrary code on all the pages visited by the user, a very risky practice.
A real danger for plugin users
Vladimir Palant then discovered that dozens of other Google Chrome extensions had the same characteristics. The use of plugins with a size security flaw represents different risks for Internet users :
-Their online activities can be tracked to harvest personal information and sell it,
- Bank details and login details can be saved,
- Advertisements can be inserted into web pages,
- Links can be replaced in search results,
- Browser homepage can be changed arbitrarily.
There are therefore different levels of intrusion : the level that can be described as "advertising", not the most dangerous, but still very unpleasant, and the level that can be associated with the theft of personal data, the repercussions of which can be much more serious.
Knowing this, it becomes difficult to imagine keeping the incriminated extensions on a computer: verification is necessary !
Here is the list of Google Chrome extensions to remove immediately
Kasperky's blog details dozens of malicious extensions, which have been downloaded more than 87 million times in total. If you have installed one of these applications, it is essential to remove it immediately :
- Autoskip for Youtube
- Soundboost
- Crystal Adblock
- BriskVPN
- Clipboard Helper
- Maxi Refresher
- Quick Translation
- Easyview Reader view
- PDF Toolbox
- Epsilon Ad blocker
- Craft Cursors
- Alfablocker ad blocker
- Zoom More
- Basic Image Downloader
- Clickish fun cursors
- Cursor-A custom cursor
- Amazing Dark Mode
- Maximum Color Changer for Youtube
- Awesome Auto Refresh
- Venus Adblock
- Adblock Dragon
- Read Reader mode
- Volume Frenzy
- Image download center
- Font Customizer
- Easy Undo Closed Tabs
- Screence screen recorder
- OneCleaner
- Repeat button
- Leap Video Downloader
- Tap Image Downloader
- Qspeed Video Speed Controller
- HyperVolume
- Light picture-in-picture
Vladimir Palant, who listed these risky extensions himself, points out that there are probably others who are affected by the situation. It therefore recommends that Internet users install as few plugins as possible in their browser, and uninstall those that are no longer useful. A way to minimize the risks, even if it is sometimes difficult not to be trapped.
Comments
Post a Comment