A significant online security threat has been identified, impacting a vast number of internet users. Security experts have uncovered a series of malicious Chrome extensions that were freely available on the official Web Store. These extensions managed to accumulate a staggering 1.7 million installs before their true nature was exposed.
The primary purpose of these harmful extensions was to compromise user browsing activities for illicit gain. Their tactics included hijacking search queries, redirecting users to unwanted sites, and injecting intrusive ads into visited webpages. In some cases, they posed risks related to data theft and privacy breaches by potentially monitoring user activity beyond just search.
This discovery underscores the persistent challenge in maintaining robust browser security. Even extensions hosted on official platforms can harbor hidden, harmful functionalities. Users are urged to exercise vigilance when adding any extension, carefully reviewing the requested permissions and the developer’s reputation. Regularly auditing installed extensions and removing any suspicious ones is a critical step in protecting your online experience and sensitive information from such sophisticated online threats.
Source: https://www.bleepingcomputer.com/news/security/malicious-chrome-extensions-with-17m-installs-found-on-web-store/
