500 Google Chrome extensions were stealing sensitive data from users
Google recently removed 500 malicious extensions from its Store.
Google recently found that 500 extensions available in its Store were stealing user's sensitive information. These extensions were also found to inject ads and siphon off user browsing data to hacker-controlled servers. The extensions had 1.7 million downloads, which means that at least 1.7 million users were affected by them.
The extensions which were using promotions and advertisements as disguise were connecting browser clients to hacked C2 servers. This mechanism leads the extensions to evade the security mechanisms. Upon initial contact with the site, the extensions established contact with the C2 server and uploaded user data, along with various re-directions to phishing websites.
Google immediately removed all these extensions and has ensured user safety. NPAV recommends checking extension permissions and uninstalling rarely used extensions from your devices. Extensions can be easily exploited by attackers so use the ones you really need.
Use NPAV and join us on a mission to secure the cyber world.
- Other (42)
- Ransomware (128)
- Events and News (26)
- Features (45)
- Security (433)
- Tips (79)
- Google (22)
- Achievements (9)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (195)
- Cyber Attack (221)
- Data Backup (11)
- Data Breach (80)
- Phishing (139)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (56)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (71)
- Hacking (57)
- Social Media (7)
- vulnerability (54)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (7)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)