Google Chrome users have been warned to remove 16 “malicious” browser extensions that can lead to security threats and remove “scams” at the hands of prolific “threat actors.”
The extension affects features including screen capture, ad blocking, emoji keyboards, and potentially affecting at least 3.2 million users. According to Gitlab Threat Intelligencefirst reported a threat.
The extension injects code and harmful scripts into the browser, allowing hackers to steal user data and engage in search engine scams that include ad revenue, According to Tom's guide.
After granting users permission to use them, the extension was infected with a malicious update that destroyed them, although legal.
According to Technical Site Notebook CheckThe attack was tracked by developer accounts that unconsciously forward control of the extension to attackers where dangerous updates are available through the official browser extension store.
Dangerous extensions include:
- Blip shot
- Emoji (emoji keyboard)
- Color changer for YouTube
- YouTube and Audio Enhancer Video Effects
- Photo themes for Chrome and YouTube
- Mike Adblock Für Chrome
- Super Dark Mode
- Emoji keyboard emoji for chrome
- Adblocker (NOADS) in Chrome
- Adblock for you
- Adblock for Chrome
- Nimble Capture
- Kproxy
- Page Update
- Wistia Video Downloader
- watoolkit
The targeted extension has already been removed from the Chrome Web Store, but users will need to manually remove it if it is still installed in their browser.
Tom's Guide uses antivirus software to advise you to scan for malware and other viruses.
