Palant uncovers 34 malicious browser extensions

Share post:

Palant has uncovered 34 malicious browser extensions that were cleverly disguised as essential utilities like ad blockers and browser themes and have been causing havoc on an estimated 87 million users globally.

Rather than collecting personal information, these extensions penetrated customers’ computers with malware, causing disruption. Some customers saw incomplete extension development, while others had their search results rerouted to unknown and potentially dangerous websites.

The extensive list of identified malicious extensions includes Autoskip for YouTube, Soundboost, Crystal Ad block, Brisk VPN, Clipboard Helper, and Maxi Refresher. Other deceptive extensions included Quick Translation, Easyview Reader view, PDF toolbox, Epsilon Ad blocker, Craft Cursors, Alfablocker ad blocker, Zoom Plus, Base Image Downloader, Clickish fun cursors, Cursor – A custom cursor, Amazing Dark Mode, Maximum Color Changer for YouTube, Awesome Auto Refresh, Venus Adblock, Adblock Dragon, Readl Reader mode, Volume Frenzy, Image download center, Font Customizer, Easy Undo Closed Tabs, Screence screen recorder, OneCleaner, Repeat button, Leap Video Downloader, Tap Image Downloader, Qspeed Video Speed Controller, HyperVolume, and Light picture-in-picture.

Palant discovered that specific extensions had been marketed via search page redirecting since 2021. According to Palant, Google swiftly deleted all 34 identified extensions from the Chrome Web Store by June 3.

Further examination found unusual behaviour relating to the number of extensions installed. It appears that the download counts were modified to make them appear more popular. The paucity of user evaluations on the Chrome Web Store for these extensions, as well as the disparity between reported threat encounters and official install counts, raises questions about the data’s veracity.

The sources for this piece include an article in TheSun.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways