These popular Chrome extensions can hijack your browser, so delete them

As dangerous as the Google Play store can be for Android devices, the Chrome Web Store is just as risky if you aren’t careful. On Sunday, the cybersecurity team at Guardio Labs alerted Chrome users to a new campaign that lets hackers hijack browsers using extensions. Over a million users have downloaded the malicious extensions already.

Some Chrome extensions can hijack your browser

As the researchers explain, 30 variants of the seemingly innocuous extension were available for Google Chrome and Microsoft Edge as of mid-October.

At first glance, the extensions look to be basic color or style-changing tools for your browser. That’s why Guardio has named this malvertising campaign “Dormant Colors” — the browser extension itself doesn’t contain any malicious code. Instead, the extension redirects users to pages offering videos or downloads. In order to watch the video or download the software, those pages will push you to download another extension.

Here’s what it looks like in action, so you know what to look out for in the future:


Hopefully, a page that looks like this would set off internal alarms and have you running for the hills. But let’s say you did attempt to add this very suspicious extension to your browser. The malicious extension immediately begins side-loading code into your browser. This code will redirect you to sites where the developers of the extension can generate cash through ad impressions. As bad as this sounds, it gets even worse.

If you visit a site on the extension’s “shopping list,” it will redirect you to a new URL with an affiliate link. This makes money for the developer of the extension if you end up purchasing anything. It’s also possible for the developers to use this method of hijacking to send users to fake login pages and steal their usernames and passwords.

Guardio shared the following list of extensions that are part of the campaign:

Malicious Chrome extensions from the Dormant Colors campaign. Image source: Guardio

Thankfully, most, if not all, of these extensions are no longer on the Chrome Web Store. If you happen to have any of these extensions installed on your browser, you should remove them as soon as possible. Even if you don’t, be vigilant, as Guardio claims the campaign “is still up and running, shifting domains, generating new extensions, and re-inventing more color and style-changing functions you can for sure manage without.”

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.