Google confirmed it has removed 34 malicious extensions from Chrome. This is not the first time Chrome has been found to have malicious extensions, and some of these extensions may still be downloaded on some people’s devices. Here’s what we know so far.
How were the extensions discovered?
Cybersecurity expert Wladimir Palant discovered a malicious extension while analyzing the one known as PDF Toolbox, which has more than 2 million users. He uncovered a hidden code within the extension that had gone unnoticed for at least a year.
That prompted the multinational cybersecurity software company Avast to delve deeper into the issue. They found 32 malicious extensions and brought the news to Google, who then found 2 more malicious extensions, tallying up the total to 34.
In total, the extensions were downloaded more than 75 million times and were capable of injecting ads into pages, cryptocurrency mining, or collecting user data such as browsing profiles, online banking credentials, or credit card information.
The 34 malicious extensions found in Chrome Web Store
- Adblock Dragon
- Alfablocker ad blocker
- Amazin Dark Mode
- Autoskip for YouTube
- Awesome Auto Refresh
- Base Image Downloader
- Brisk VPN
- Clickish fun cursors
- Clipboard Helper
- Cursor A custom cursor
- Craft Cursors
- Crystal Ad block
- Easy Undo Closed Tabs
- Easyview Reader view
- Epsilon Ad blocker
- Font Customizer
- HyperVolume
- Image download center
- Leap Video Downloader
- Light picture-in-picture
- Maximum Color Changer for YouTube
- Maxi Refresher
- OneCleaner
- PDF Toolbox
- Quick Translation
- Qspeed Video Speed Controller
- Readl Reader mode
- Repeat button
- Screence screen recorder
- Soundboost
- Tap Image Downloader
- Venus Adblock
- Volume Frenzy
- Zoom Plus
How do I remove a malicious extension?
Use the Remove option
- Open Chrome
- Click the 3 vertical dots
- Click Extensions
- Select Manage Extensions
- Find the extension you want to remove and click Remove
- Click Remove again to confirm
How do I protect myself from malicious extensions?
Along with the 34 malicious extensions, it is likely that there are far more malicious ones that are active that have not yet been uncovered. You can take these steps to ensure you’re not downloading any malicious extensions to your device and risking your information being stolen. Here are some of my tips.
Look at reviews thoroughly
Read reviews carefully before downloading anything to your device. If you notice many negative reviews, then that’s never a good sign. And if you see positive reviews that are super vague and don’t give specific details, those could be fake reviews that scammers have made up to try to lure people in. Use your judgment and trust what your gut is telling you.
Stick to official app stores or trusted sources
Download extensions from reputable sources, such as official browser extension marketplaces, to reduce the risk of downloading malicious software.
Check for spelling and grammar errors
Oftentimes, malicious extensions will have spelling and grammar errors. A legit extension would be thorough with its spelling and grammar to look more professional, and it wouldn’t repeat the same words over again. If you’re noticing a ton of mistakes in the name or description of the extension, take that as a red flag.
Keep your software up to date
Regularly update your operating system and web browser software to ensure you have the latest security patches and protection against emerging threats.
Be cautious of permissions
Pay attention to the permissions and extension requests during installation. It may be a red flag if an extension asks for excessive or unnecessary permissions.
How do I protect myself from malicious extensions?
The best step that you can take to protect yourself against malicious extensions is to have good antivirus software on all your devices. Having antivirus software running on your devices will make sure you are stopped from clicking on any malicious links or from downloading any files that will release malware into your device and potentially have your private information stolen. They will also help you to steer clear of any websites or phishing scam sites that could put your online safety at risk.
Find my review of Best Antivirus Protection here
Kurt’s key takeaways
The discovery and removal of 34 malicious extensions from the Chrome Web Store highlight the ongoing issue of such threats in the browser. You should be cautious of permissions, look at reviews thoroughly, update your operating system and web browser software regularly, and consider using antivirus software to protect yourself from these potentially harmful extensions. In the meantime, hopefully, Google can quickly remove any remaining malicious extensions.
Do you think Google could do a better job removing malicious extensions faster? Let us know by commenting below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Related:
- Older Americans are being targeted in a malvertising campaign
- 60 top Google Play apps infected with Android malware affecting millions
25 comments
My husbands HP laptop is getting a verbal message coming through that states “ your IP address has been compromised. Do not turn off your computer, call (a number) to protect your computer. You may lose your saved information) or something like that. Is this something we should seek help for and where should we get that?
Hi Sandy, not quite sure what prompted that message, but it definitely sound suspicious and the beginning of some sort of scam in which you’d call a number and give personal information to a crook. First thing to do if you haven’t already done so is to turn on your antivirus software and do a scan of your computer to see if there is any malware on it and remove it. For more information about antivirus software, you can visit our article here.
But what if you don’t use Chrome? I, in fact, eschew Google as much as I can.
Hi Rich, for this particular story, it only pertains to Google removing from the Chrome Web Store 32 malicious *Chrome* extensions that could alter search results and push spam or unwanted ads.