We can install many plugins in browsers like Chrome. They are useful, for example, to organize open pages, save them, manage downloads.. But sometimes we can also have security problems. In this article we are going to talk about some Google browser extensions that are widely used but are dangerous. They can steal data or infect the system and we are going to talk about what they are so that you can eliminate them if you have them installed.
Fake Chrome Extensions
In this case we are looking at a total of five Chrome extensions that are fraudulent. They have been detected by McAfee security researchers and aim to steal user information and track users. This is not an isolated thing, as we can see many such plugins being proven to be fraud. But what makes this case really striking is that they are extensions that have many downloads, since in total they have been downloaded 1.4 million times.
One of the main goals of these fake extensions is to track users’ browsing and modify the visitor cookie. In this way they manage to enter a page as if it came from a referral link. Thus, attackers can profit and obtain economic benefit. It does this by uploading a multifunctional script and sending the browsing data to a domain controlled by them.
Once that site receives the information, it checks if the user is entering a page where they have a referral and they modify the cookie so that they enter as if they came from a referral link. Some of these extensions do not act until after 15 days and thus prevent possible security programs from detecting something strange.
This is the list of fake extensions that McAfee has shown:
- Netflix Party: 800,000 downloads
- Netflix Party 2: 300,000 downloads
- Full Page Screenshot Capture: 200,000 downloads
- FlipShope – Price Tracker Extension: 80,000 downloads
- AutoBudy Flash Sales: 20,000 downloads.
Therefore, if you have any of these add-ons installed in Chrome, either you added them yourself or they appeared in your browser due to an attack, you should remove them. You can go to the menu at the top right, click on More tools and click on Extensions. The ones you have installed will appear there.
What to do to avoid fake add
To avoid these types of problems, it is very important that you download browser extensions, be it Chrome or any other, from official sources. This does not mean that you already have 100% guarantees, but it is certainly more likely that you are installing a safe plugin, which has not been created maliciously.
It is also important that you have everything updated. For starters, the browser. But also the operating system you use. This will make you avoid many vulnerabilities that could put your security at risk. Some types of malware, especially those that exploit a specific program, are going to take advantage of a bug that exists. Of course, you should always update programs safely. On the other hand, having a good antivirus will help you detect threats. There are many options available. For example, Microsoft Defender is a good security program, but so are others like Avast or Bitdefender. It doesn’t matter what operating system you use.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator.
He is a cyber-security researcher with over 18 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked on the projects of Citrix and Google in deploying cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.