Malware-Laced Chrome, Edge Browser Extensions

CloudSEK threat intelligence advisory on malware-laced Google Chrome and Microsoft Edge extensions that pose as video downloader applications.
Updated on: April 19, 2023
Published on: December 21, 2020
Advisory: Malware Intelligence
Malware Type: Trojan
Threat level: Medium
Target: Browser Extensions

While extensions are meant to expand the capabilities of a browser, installing browser add-ons that are infected with malware can compromise the security of the computer as well as the victim. Corrupted extensions masquerade as legitimate software programs.

In a major malware-based attack, 3 million users were recently hit with 28 malicious Google Chrome and Microsoft Edge extensions. They posed as video downloader applications for platforms like Facebook, Vimeo, Instagram, VK, etc. Malicious code had been injected into these JavaScript-based extensions to download further malware onto the victim's computer.

Malware capabilities:

  • Produce log files each time the victim clicks on a URL
  • Redirect users to advertisements and phishing websites
  • Steal personal data (birthday, email address, first sign-in time, last login time, device information, device name, operating system, browser details, IP address)
  • Evade detection, even by users skilled in web development

Impacts

Technical Impact:
  • Steal personal/sensitive information
  • Download further malware
  • Control and monetize browser traffic
Business Impact:
  • Data leaks can have an adverse impact on the victim's privacy.

List of infected extensions

  • Direct Message for Instagram
  • Direct Message for Instagram
  • DM for Instagram
  • Invisible mode for Instagram Direct Message
  • Downloader for Instagram
  • Instagram Download Video & Image
  • App Phone for Instagram
  • App Phone for Instagram
  • Stories for Instagram
  • Universal Video Downloader
  • Video Downloader for FaceBook
  • Vimeo Video Downloader
  • Volume Controller
  • Zoomer for Instagram and FaceBook
  • VK UnBlock. Works fast.
  • Odnoklassniki UnBlock. Works quickly.
  • Upload photo to Instagram
  • Spotify Music Downloader
  • Stories for Instagram
  • Upload photo to Instagram
  • Pretty Kitty, The Cat Pet
  • Video Downloader for YouTube
  • SoundCloud Music Downloader
  • The New York Times News
  • Instagram App with Direct Message DM

Mitigations

  • Use real-time web page monitoring tools
  • Use web-proxy filtering to block access to unwanted websites
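
The following added example, which is not part of the original advisory, checks a browser profile's installed extensions against the names in the list of infected extensions by reading each extension's manifest.json, including localized `__MSG_...__` names. The function names, the sample tree built in `demo()` and its extension IDs are constructed for illustration; matching is by display name only, because the advisory lists no extension IDs.

```python
import json
import re
import tempfile
from pathlib import Path

def normalize(name):  # fold case, drop symbols/punctuation so small listing variations still match
    return re.sub(r"[^a-z0-9&]+", " ", name.lower()).strip()

# Names from this advisory's list of infected extensions, duplicates removed.
FLAGGED = {normalize(n) for n in [
    "Direct Message for Instagram", "DM for Instagram", "Downloader for Instagram",
    "Invisible mode for Instagram Direct Message", "Instagram Download Video & Image",
    "App Phone for Instagram", "Stories for Instagram", "Universal Video Downloader",
    "Video Downloader for FaceBook", "Vimeo Video Downloader", "Volume Controller",
    "Zoomer for Instagram and FaceBook", "VK UnBlock. Works fast.", "Spotify Music Downloader",
    "Odnoklassniki UnBlock. Works quickly.", "Upload photo to Instagram", "Pretty Kitty, The Cat Pet",
    "Video Downloader for YouTube", "SoundCloud Music Downloader", "The New York Times News",
    "Instagram App with Direct Message DM"]}

def load_json(path):
    try:
        data = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):  # unreadable or malformed file: treat as empty
        return {}
    return data if isinstance(data, dict) else {}

def display_name(version_dir, manifest):
    name = str(manifest.get("name", ""))
    m = re.fullmatch(r"__MSG_(\w+)__", name)  # localized name: look it up in _locales
    if m:
        path = version_dir / "_locales" / str(manifest.get("default_locale", "en")) / "messages.json"
        for key, entry in load_json(path).items():
            if key.lower() == m.group(1).lower() and isinstance(entry, dict):
                return str(entry.get("message", name))
    return name

def audit(extensions_dir):
    # Installed extensions live at <profile>/Extensions/<extension id>/<version>/manifest.json
    found = {(p.parent.parent.name, display_name(p.parent, load_json(p)))
             for p in Path(extensions_dir).glob("*/*/manifest.json")}
    return sorted(hit for hit in found if normalize(hit[1]) in FLAGGED)

def demo():  # constructed profile tree; the 32-letter extension IDs are made up
    with tempfile.TemporaryDirectory() as tmp:
        for ext_id, name in (("a" * 32, "Vimeo\u2122 Video Downloader"), ("b" * 32, "Plain Notes")):
            loc = Path(tmp, ext_id, "1.0_0", "_locales", "en")
            loc.mkdir(parents=True)
            (loc / "messages.json").write_text(json.dumps({"appname": {"message": name}}))
            (loc.parents[1] / "manifest.json").write_text(json.dumps({"name": "__MSG_appName__", "default_locale": "en"}))
        return audit(tmp)
```

Call `audit()` with the path of a Chrome or Edge profile's `Extensions` directory; each hit is an `(extension id, name)` pair to review, since a matching name alone does not prove the installed extension is one of the malicious builds.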
