Malware Hidden in Browser Extensions Attacks Millions – Remove Now
Cybersecurity analysts have observed users unknowingly downloading malicious browser extensions that mask threats including adware and malware, with more than 1.3 million users already attacked in 2022.
Research by cybersecurity vendor Kaspersky revealed that nearly 7 million users were affected by unwanted software disguised as browser add-ons, many of them on Google Chrome. As noted, 4.3 million unique users were attacked by adware sneaking into systems, while more than 2.6 million users were affected by malware.
The threat statistics were taken between January 2020 and June 2022, with the online security firm saying 1,311,557 users have already been affected in the first half of this year, more than 70% of users affected worldwide. all of 2021. It’s important to note that these results were taken from Kaspersky’s own user-shared security network, which means these numbers could be much higher.
Four of the most popular threats hiding under browser extensions have been noted, including the family of malicious browser extensions FB thief. This year alone, 3,077 unique users were detected to have downloaded the malware. As the name suggests, it can steal Facebook users’ credentials, allowing hackers to access valuable information such as emails, passwords, and even financial information.
The malware is difficult to spot because once added to the browser, it will mimic the Google Translate Chrome extension. It spreads to users via a Trojan horse known as “NullMixer”, which acts as a software installer.
The extension changes the default search engine and extracts Facebook session cookies, sending them to hacker’s servers. Once done, threat actors have the ability to log into a user’s Facebook account and then change their login credentials, allowing them to impersonate the user and steal information.
Beware of adware
While malware hiding in browser extensions has been a major problem, adware has been used as the most common threat. Adware is a way for threat actors to generate revenue by automatically displaying a heinous number of online advertisements on a user’s screen, and the report shows the increase in their deployment via adware add-ons. Navigator.
Some of the biggest threats include Internet search family of adware, with 876,924 users affected.
“WebSearch extensions modify the browser’s start page so that instead of the familiar Chrome page, the user sees a minimalist site consisting of a search engine and several links to third-party resources, such as AliExpress or Farfetch “, says the report.
With the new affiliate links, hackers can profit from advertising revenue as these links are used. Additionally, using the default search engine means collecting user data, with relevant ads based on a search then appearing in search results.
Another threat includes Extensions related to DealPly, which reached 97,515 users. It is a popular tool among cyber criminals and it is often downloaded via pirated software from sketchy sites. Like WebSearch, it modifies the homepage with affiliate links and a default search engine.
To finish, AddScript is another family of adware threats, with 156,698 people affected. As the report states, this extension can be used for music and videos from social networks or proxy managers.
AddScript can run unwanted videos on a user’s PC, all so threat actors can make money from video views. But it can also be used for “cookie removal”, which adds cookies even if the user does not click on any affiliate links. As Kaspersky puts it: “Fraudsters trick websites into thinking they’ve sent them traffic without actually doing so.”
You will know when your device is infected with malware or adware by a number of different signs. Of course, the most glaring indication is the abundance of advertisements that appear on your PC, tablet or phone. But it can also mean a change to your web browser’s default homepage and Internet search, a new toolbar, and web pages that no longer display as they used to.
Avoid downloading browser extensions from unofficial or suspicious websites, and stick to the official Chrome web store or the store of the browser you are using.
To learn more about removing adware and all kinds of adware, learn how to remove adware. And, to ensure that your device is safe from all types of malware, be sure to check out the best antivirus apps.