Malware-Laced Chrome, Edge Browser Extensions
Published 21 December 2020
- 28 third-party Google Chrome, Microsoft Edge extensions infected with malware.
- Malware-laced extensions masquerade as video downloader applications for platforms like Facebook, Vimeo, Instagram, VK, etc.
Share this Threat Intel:
While extensions are meant to expand the capabilities of a browser, installing browser add-ons that are infected with malware can compromise the security of the computer as well as the victim. Corrupted extensions masquerade as legitimate software programs.
- Produce log files for each time the victim clicks on a URL.
- Redirect the users to advertisements and phishing websites
- Steal personal data (birthday, email address, first sign-in time, last login time, device information, device name, operating system, browser details, IP address)
- Prevent detection even by skilled users in web development
- Steal personal/ sensitive information
- Download further malware
- Control and monetize from browser traffic
- Data leaks can have an adverse impact on the victims privacy.
List of infected extensions
|Direct Message for Instagram||Direct Message for Instagram|
|DM for Instagram||Invisible mode for Instagram Direct Message|
|Downloader for Instagram||Instagram Download Video & Image|
|App Phone for Instagram||App Phone for Instagram|
|Stories for Instagram||Universal Video Downloader|
|Video Downloader for FaceBook||Vimeo Video Downloader|
|Volume Controller||Zoomer for Instagram and FaceBook|
|VK UnBlock. Works fast.||Odnoklassniki UnBlock. Works quickly.|
|Upload photo to Instagram||Spotify Music Downloader|
|Stories for Instagram||Upload photo to Instagram|
|Pretty Kitty, The Cat Pet||Video Downloader for YouTube|
|SoundCloud Music Downloader||The New York Times News|
|Instagram App with Direct Message DM|
- Use real-time web page monitoring tools
- Use web-proxy filtering to block access of unwanted websites