The logo of Google's Chrome browser.
-
Mr. Lennihan / AP / SIPA
Avast researchers announced Wednesday, September 16, that they had identified at least 28 malicious extensions available on Google Chrome and Microsoft Edge browsers.
They have been downloaded more than three million times, reports 01Net.
The extensions identified by the company are apparently harmless.
Associated with some of the most popular platforms in the world, they promise to offer tools to use sites like Instagram, Facebook or Vimeo with more convenience.
Warning #Phishing: Trojans have been identified by Avast in 28 different browser extensions for Chrome or Edge, including add-ons relating to Instagram or downloading videos.
Complete list in the article.
#Malware https://t.co/3FUroRNb1R pic.twitter.com/CTV1YzOG6V
- Defakator (@DEFAKATOR_Off) December 18, 2020
Siphon visited URLs
But once installed, the malware they contain redirects user traffic to unsolicited advertisements or web pages.
One way to generate fake traffic and monetize it, but not only.
Some of these extensions would also be able to collect all the URLs visited by a trapped Internet user and redirect them to phishing sites.
The people behind this malware could thus collect valuable information (birthdays, e-mail addresses, IP addresses, connection times, etc.) illegally.
A very discreet threat
Avast began investigating these malicious plug-ins last November and does not rule out that they were "deliberately created with malware".
"They could have been active for years without anyone noticing," says the company specializing in computer security.
The type of software used is indeed very difficult to locate since it remains inactive the days following the download of the extension.
It can even determine if the user installing the installation is a developer, in which case the malware remains dormant.
Avast has identified the affected plug-ins on its site and notified Microsoft and Google.
They should soon clean up their extensions store.
Trapped users are urged to imitate them urgently.
Culture
Google Doodle celebrates the 26th anniversary of the discovery of the Chauvet cave
High Tech
The European Union unveils its plan against the abuses of Google, Facebook and Amazon
Internet
Microsoft
Computer virus
High Tech
Google chrome