Reportedly, Google has removed more than 500 malign Chrome extensions from its Web Store. The latest reports reveal that researchers have discovered five hundred malicious extensions for Google’s Chrome browser. Notably, these extensions quietly transfer the user’s private information to a server that the invader manages. Currently, these malicious browser extensions for Chrome cease to exist. Well, millions of users have downloaded the malicious plugins in the web application of Google Chrome. Researchers Jamila Kaya and Jacob Rickerd from Duo Security have discovered the glitch focusing on an illegal collection of data via extensions. The researchers noted the plugins generally offer advertising services, but they have found the ads are not easy. They have gathered dozens of extensions in the assistance of each other. The pair added, collectively, they have recognized 70 patterns that pair the sample among over 1.5 million users.
The researchers note that the malicious code added by the plugins activated under some conditions, eventually, re-directed users to particular sites. While, sometimes, the extensions would even take users to authentic sites like Dell, Macy’s, or BestBuy via an inbound link. Even more, the extensions also led users to identified phishing pages or malware download sites. Those browser plugins mainly modify Web browsers, customize user interfaces, manage cookies, and block advertisements. Well, the research team behind the discovery also surmises the people behind this act may have been in action since the beginning of 2010. They said the particular extensions belong to a widespread advertising campaign that gathers browser data.
Attackers often use malicious advertising as a fraudulent activity in order to release user information. Usually, hackers re-direct users from legal online advertising columns to malicious pages. On the other hand, Google has appreciated the effort of the research team on such issues. The company representative said when they are notified regarding extensions in the Web Store that breach their policies, they take strong action against it. Even more, it uses such cases as educational material to enhance its programmed and manual studies. Above all, Duo Security has recommended users to routinely audit the plugins they have installed in the application. It also suggests the removal of useless plugins and reporting of unknown ones.