Dozens of Chrome and Edge browser extensions have been found to steal users’ personal information and deploy malware onto their machines…
Back in February, Google removed more than five-hundred malicious extensions from the Chrome Web Store. Then, in June, Awake Security revealed another one-hundred found across over 15,160 domains. Now, Avast has discovered dozens of Chrome and Edge browser extensions containing malware. In total, there are 28 extensions, 15 of which are built for Chrome, and 13 created for Edge.
15 Chrome Extensions Stealing User Data, Installing Malware
The malicious programs are mostly targeted toward Facebook and Instagram. They effectively redirect traffic to ads and phishing sites. What’s more, the rouge software collects personal data, including birth dates, email addresses, and active devices. But, that’s not all. The crooked plugins likewise collect browsing data and have the ability to install malware onto victims’ devices.
As usual, these dozens of bad extensions have been downloaded by consumers millions of times. Avast believes either the hackers who built the plugins waited for them to become popular and then injected the malware via an update. Or, sold the extensions to nefarious characters who then weaponized the software. Regardless, it’s imperative to remove the following extensions right away:
- Direct Message for Instagram
- DM for Instagram
- Invisible mode for Instagram Direct Message
- Downloader for Instagram
- App Phone for Instagram
- Stories for Instagram
- Universal Video Downloader
- Video Downloader for FaceBook™
- Vimeo™ Video Downloader
- Zoomer for Instagram and FaceBook
- VK UnBlock. Works fast.
- Odnoklassniki UnBlock. Works quickly.
- Upload photo to Instagram™
- Spotify Music Downloader
- The New York Times News