MALICIOUS Google Chrome extensions downloaded by more than 80million people have been uncovered by cyber security buffs.
The dodgy tools available through the Chrome Web Store allowed hackers to take over your phone or spam you with ads that tank your gadget's battery life.
More than 300 harmful extensions were uncovered by AdGuard, which builds a line of ad-blocking and privacy protection software.
The downloads were disguised as ad-blocking tools, games, themes and wallpapers. They have now been removed from the Chrome Web Store.
"You'll never have to scroll far or spend a lot of time to find scam extensions," AdGuard wrote in a blog post last week.
"You can always trust Chrome Web Store to bump such extensions to the very top of the list."
AdGuard discovered the network of fake extensions while researching a series of dodgy ad-blockers.
The network comprised roughly 300 extensions downloaded by 80million people worldwide.
In their blog post, the team reported three tactics used by hackers to swindle unsuspecting users.
One involved injecting ads into Google search results that were riddled with malware.
Dodgy Google Chrome extensions to avoid
Here are some of the malicious extensions discovered by AdGuard...
ScreenShot & Screen Capture Elite"
Kawaii Wallpaper HD Custom New Tab"
"Shadow Of The Tomb Raider Wallpaper New Tab"
"Kpop SHINee Wallpapers HD New Tab"
"Tokyo Ghoul Wallpaper HD Custom New Tab"
"Mega Man Wallpaper HD Custom New Tab"
"Weather forecast for Chrome™"
"Kpop Blackpink Wallpaper HD Custom New Tab"
"Kpop Red Velvet HD NewTab Themes"
"Tumblr Wallpapers Wallpaper HD Custom New Tab"
"season 6 fortnite HD Wallpapers NewTab"
"Unicorn Wallpaper HD Custom New Tab"
"My Hero Academia Wallpaper HD Custom New Tab"
"Cs Go Wallpaper HD Custom New Tab"
"Super Junior Wallpapers Eunhyuk"
"Boku No Hero Academia Wallpaper HD New Tab"
"D.Gray-man Backgrounds New Tab"
"Super Cars - Sports Cars Wallpaper HD New Tab"
"Lil Pump HD New Tab"
"3D Wallpaper HD Custom New Tab"
"Snowman & Gingerbread New Tab Constellations"
"Gucci Tab Themes HD Bape"
"Bulldogs Tab"
"Kobe Bryant - Black Mamba New Tab Themes HD"
"GTA 5 Grand Theft Auto"
"Bangtan Boys Wallpaper HD Custom New Tab"
"Aquarium Live Wallpaper HD Custom New Tab"
"RM & Jin Tab Wallpapers"
"Akame Ga Kill Wallpapers HD"
"Sports Cars"
"Moving Wallpapers Wallpapers"
"Christmas Tree Lights NewTab Emoji"
"Jungkook HD Tab Backgrounds"
"CS GO Themes NewTab"
"One Direction 1D HD NewTab"
"My Hero Academia Wallpaper HD Custom New Tab"
"Suga"
"Puppies Wallpaper HD Custom New Tab"
"Gta V Wallpaper HD Custom New Tab"
"Lamborghini Live Wallpaper HD Custom New Tab"
"Tokyo Ghoul Wallpaper HD Custom New Tab"
"Galaxy Wallpaper HD Custom New Tab"
"Stargate SG-1 Tab Wallpapers HD"
"Rogue One - Star Wars Wallpaper HD New Tab"
"Bugatti Vs Lamborghini Wallpaper HD New Tab"
"Galaxy Space Wallpaper HD Custom New Tab"
"Avengers Endgame"
"Spiderman HD NewTab Comics"
"Glitter Wallpaper HD Custom New Tab"
"Super Cars Wallpaper HD Custom New Tab"
"Naruto Wallpaper HD Custom New Tab"
"Cats & Dogs Wallpapers & Cats & Dogs Games"
"Riverdale Tab Themes"
"Kawaii Wallpaper HD Custom New Tab"
"Stephen Curry NewTab Wallpapers"
"Naruto Wallpaper HD Custom New Tab"
"Witcher Backgrounds HD Tab"
"Planet Earth Nature Space Art Wallpaper Tab"
"Galaxy Space Wallpaper HD Custom New Tab"
"Beagle Wallpapers New Tab"
"Blue Exorcist Wallpapers NewTab"
"Boku No Hero Academia Wallpaper HD New Tab"
"Sicario Day Of The Soldado Themes NewTab"
"StarCraft Themes NewTab"
"Nike Themes"
"Jesus New Tab"
"Sword Art Online Wallpaper HD Custom New Tab"
"Bts Suga"
"Hot Rod Wallpapers - Classic Cars Themes"
"Anime Wallpaper HD Custom New Tab"
"Zelda Wallpaper HD Custom New Tab"
"Anime Wallpaper HD Custom New Tab"
"Video Downloader and MP3 converter Pro"
"Danganronpa Wallpapers"
"Adblocker for YouTube - Youtube Adblocker"
"Cristiano Ronaldo Wallpapers"
"Mac Wallpaper HD Custom New Tab"
This has been used by crooks before and can be used to take over your mobile. It has also been known to affect your phone or laptop's battery life.
A second method used by a portion of the dodgy extensions sets web cookies for users that then funneled affiliate payments back to the hacker.
This was mostly used to make some extra cash but could also have had a negative impact on your battery performance.
Finally, a third approach allowed hackers to remotely change how your phone worked at a moment's notice.
"They can start doing some shady stuff at any second," AdGuard said.
Dodgy extensions disguised as legitimate ones are banned by Google and the firm monitors and attempts to keep the Chrome Web Store free of them.
AdGuard reported the extensions found by its team to Google.
The search giant had not removed them from the Chrome Web Store at the time the blog was published on August 4.
However, the company later removed most of them after AdGuard's research began to appear on news sites, AdGuard said.
A Google spokesperson told The Sun: "When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses."
Google Chrome – what you need to know
Here's a quick guide...
Google Chrome is a web browser created by Google
It's cross-platform, which means it works on a range of systems including Microsoft Windows and Apple's iOS
The browser also serves as the main part of Chrome OS – Google's own operating system
Most of Chrome's code comes from Chromium, an open-source project built by Google
Google Chrome is Google's general-release browser based on Chromium, but anyone can build a Chromium app
The full Google Chrome browser is completely free to download and use
And according to StatCounter, around 68% of all web browsers globally are Google Chrome
That's down from a peak of 72%
Google Chrome was first released on September 2, 2008
AdGuard accused Google of setting up lax safeguards for Web Store users.
"These extensions keep occupying top positions in the Store and doing their dark deeds," researchers wrote.
"Maybe I just need to wait more, like a month? But I'm afraid during that month a couple hundred thousands more users will get hurt."
The Sun has reached out to Google for comment.
To protect yourself from dodgy Google Chrome extensions, AdGuard provided the following advice:
If you're going to install a browser extension, think again. Maybe you don't really need it?
Install extensions only from the developers you trust.
Don't believe what you read in the extension's description.
Reading the users' reviews won't help as well. Most of the malicious extensions have excellent reviews and yet they are malicious.
Don't use the Chrome Web Store internal search, follow the links on the trusted developers' websites directly.
Google Chrome shows off Duplex tool for booking everything from restaurant tables to rental cars
Exclusive
UNREAL BEAUTY
The hot Insta models raking in £9m a year - but all is not as it seems
ROTTEN FRUIT
Apple 'to kill off' 3 of its best-loved mobiles following release of iPhone 12
WHAT A GEM
Enormous 442-carat diamond unearthed in Africa is worth 'up to $18MILLION'
PHONE HOME?
Mystery over radio signal being beamed to Earth every 157 days from deep space
APP SCAM
Android users warned to delete 23 apps that could scam them out of thousands
LOG OFF
Zoom DOWN in mysterious outage as video calling app stops working around the world
In other news, an Alexa 'snooping-blocker' that jams the microphone of your Echo smart speaker has been developed.
Netflix lovers are being warned about a new email scam claiming to offer a year's free subscription to the service.
And, Garmin is back online after being targeted by hackers.
Have you come across any dodgy Google Chrome extensions? Let us know in the comments...
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at tech@the-sun.co.uk
This fish is worth $300,000 - New York Post This fish is worth $300,000 - New York Post Posted: 05 Jun 2016 12:00 AM PDT With exacting precision, the surgeon inserted the scalpel above the eyeball and cut out a snotty deposit of fatty tissue. The routine eye-lift was nearly complete when suddenly the patient awoke, suffocating, and began to flop about on the table. The audience gasped. Knowing time was of the essence, the surgeon scooped up the patient in his arms, raced across the stage, and dropped her into a tank of water. She revived. Because she was a fish. Yes, fish eye-lifts exist. As do fin jobs and tail tucks. The operating theater was a mall in Jakarta, Indonesia, where a pet expo was under way. As for the patient, she survived, her formerly droopy eyes now bright and perky. A good thing, too, as this was no ordinary goldfish but rather an Asian arowana, the world's most expensive aquarium denizen, rumored to sell for as mu...
Abstract The global marine aquarium trade has created new local markets across the planet, including in Indonesia, now the second-largest exporting country of marine aquarium fish in the world. Participating in the global aquarium trade has been touted as a potentially sustainable addition to fisher livelihoods, but scant data exist showing the numbers of fish coming off the reef and how those fish contribute to income. To determine how participants in the trade incorporate aquarium species in their livelihoods, we examine source-level aquarium fish collecting and trading data in the Banggai Archipelago, a region in Central Sulawesi that has become a significant source for popular aquarium, also known as ornamental, fish species. Using a sustainable livelihoods lens, we examine this data to understand how participants in the aquarium trade both contribute to as well as benefit from the trade and consider how their participation relates to emerging Blue Justice principles. From one year...
NilocG Launches New Website for the Only All-in-One Thrive Fertilization Solution for Planted Aquariums - PRNewswire NilocG Launches New Website for the Only All-in-One Thrive Fertilization Solution for Planted Aquariums - PRNewswire Posted: 11 Mar 2021 02:00 AM PST ALBANY, Ore. , March 11, 2021 /PRNewswire/ -- NilocG launches a new website for planted tank enthusiasts to gather and make THRIVE, a plant fertilizer that assures planted tank aquascapes flourish while eliminating the need for multiple products more readily available online. The company also takes it a step further in the industry, making its flagship product easy to dose, super-concentrated, and an all-in-one solution based on an effective EL dosing method with all essential micro and macronutrients. Continue Reading Thrive fertilizer: North America's most trusted aquarium plant fertilizer Colin Grice , CEO, a self-described planted tank lover, re...
Comments
Post a Comment