34 Malicious Chrome Extensions Have Been Found With A Total of 75 Million Installs
Jakob Aylesbury / 2 years ago
34 malicious Chrome extensions have been found in the web store which in total could have around 75 million installs.
Malicious Chrome Extensions
As reported by BleepingComputer.com, a cybersecurity researcher, Wladimir Palant had analyzed the PDF Toolbox extension which has 2 million downloads on the Chrome Web Store and has discovered that it was capable of executing malicious code into any website the user visited. This code gave potential for stealing sensitive information however there was no malicious activity observed. Palant also noted that the code was set to activate 24 hours after the extension was installed which is a red flag for malicious programs. A few days ago Palant posted a follow-up where the same malicious code had been discovered in 18 other Chrome Extensions all totalling 55 million active users. After Palant’s findings cybersecurity company Avast after reading on Palant’s findings, discovered more malicious extensions increasing the number to 34 combining to over 75 million installs. Avast reported these extensions to Google and as of 02/06/23 only 8 of these extensions remain.
Where Can I Find Affected Extensions?
The Web Store is filled with extensions and no doubt more than these 34 extensions contain malicious code so it’s wise to stay vigilant when using them. On Palant’s website there is a list of all the affected extensions with those that still remain on the storefront, no doubt this list will be updated regularly if new malicious extensions are found.