34 malicious Chrome extensions have been found in the web store which in total could have around 75 million installs.
As reported by BleepingComputer.com, a cybersecurity researcher, Wladimir Palant had analyzed the PDF Toolbox extension which has 2 million downloads on the Chrome Web Store and has discovered that it was capable of executing malicious code into any website the user visited. This code gave potential for stealing sensitive information however there was no malicious activity observed. Palant also noted that the code was set to activate 24 hours after the extension was installed which is a red flag for malicious programs. A few days ago Palant posted a follow-up where the same malicious code had been discovered in 18 other Chrome Extensions all totalling 55 million active users. After Palant’s findings cybersecurity company Avast after reading on Palant’s findings, discovered more malicious extensions increasing the number to 34 combining to over 75 million installs. Avast reported these extensions to Google and as of 02/06/23 only 8 of these extensions remain.
The Web Store is filled with extensions and no doubt more than these 34 extensions contain malicious code so it’s wise to stay vigilant when using them. On Palant’s website there is a list of all the affected extensions with those that still remain on the storefront, no doubt this list will be updated regularly if new malicious extensions are found.
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…
Heavy Equipment Bundle: Includes a steering wheel for heavy machinery, gas and brake pedals, and…
Low-profile Keys for an ergonomic gaming experience. With slimmer keycaps and shorter switches, enjoy natural…
Size & style: Ambidextrous lightweight mouse for gaming. Built for speed, control and comfort, with…