06 June 23, 08:10
Quote:Google has removed more than two dozen malicious Chrome extensions from the official Chrome Web Store. These extensions were installed on over 75 million times by Chrome user, who need to become active to remove the extensions from their browsers.Continue Reading
Wladimir Palant detected the malicious extensions and published information about them on the Almost Secure blog. Palant reported a total of 34 malicious extensions to Google, but Google did not remove the extensions immediately.
Security behemoth Avast confirmed the findings and Google pulled the extensions that Avast listed from the Chrome Web Store. Palant notes in a follow-up blog post that these were not all of the malicious extensions. A total of 8 were not removed by Google, as they were later added by Palant and therefore not included in Avast's listing.
Several of the extensions had millions of users, with Autoskip for YouTube leading the list with a weekly active user count of over 9 million. Google listed many of the extensions as featured in the Chrome web store, which one again highlights that the company is not putting enough effort into making sure that featured extensions are safe.
Mozilla does a better job at that. All recommended extensions are code examined whenever they are updated, which means that the likelihood of a malicious recommended extension is very slim. A reviewer would have to overlook malicious code in an extension for that to happen.
Most extensions that Palant discovered are productivity based. Some are video downloaders, others let users interact with videos or audio, e.g., changing volumes, add visual changes or claim to block ads.
Manual removal is required
The main issue for Chrome users is that removal of the extensions does not remove the malicious extensions from Chrome installations.
Closing Words
Users interested in technical details may want to check out Palant's two articles on the matter. There is also the Avast article, which provides additional information, including that even more than the reported 32 extensions were taken down so far by Google.
For Chrome users, it is important to get rid of these malicious extensions immediately by uninstalling them from the web browser. While it is not 100% certain what they do, it is clear that they are set up for malicious activity.
Now You: have you installed any of the extensions?
...