Google Chrome Extensions With 500,000 Downloads Found To Be Malicious

Google chrome

Google Chrome Extension, Safe or not?

ICEBRG, a security firm who discovered the malicious Google Chrome extension got an unusual spike in outgoing network traffic. They named the first which is the HTTP Request but to their surprise, also found 3 more, naming Nyoogle, Lite and Stickies Bookmarks.

The firm said that these extensions maybe use to commot click fraud which means, it can imitate the process of a user clicking an ad in their browser). It may also manipuate search engine results, and can be use to create a botnet with the ability to access business networks and user information.

It added that the removal of the malicious extension from the Chrome Web Store may not totally remove it from impacted hosts. In addition to that, the use of third-party Chrome extension repositories may still allow the installation of the extensions.

It may be possible that some of those downloads might have been inflated through the use of bots to make the extenions seem legitimate and trick a lot of people into intalling malware.

Browser developers takes a different approach in checking the quality and the safety of add-ona in their stores.

There’s this process called Enhanced Item Evaluation, that is a series of automated checks that examines code and behavior once the malware has been installed. When the validation is completed, the app will be published ina span of an hour or less.

October last year, there were 37,009 people downloaded a fake version of AdBlock Plus that it was really impossible to find the difference of the real one.

Microsoft launched an extension store for Edge in 2016 and tests each submission individually before its release, this process may take 72hours.

But the Mozilla is very strict in regards to this because all the firefox ad-ons must comply with policies and practices that may vary depending on some problems that will occur.