Security researchers discover that four Google Chrome extensions with about 5,00,000 downloads were malicious

This is not the first time this has occurred as cybercriminals gained access to the accounts of two Google Chrome extension developers in July last year.

Researchers from a security firm by the name of ICEBRG have discovered that four Google Chrome extensions with about 5,00,000 downloads were malicious in nature. This recent finding highlights one of the weakest points of Google Chrome.

Image: Google

Image: Google

According to a report by ArsTechnica, Google has removed the extensions in questions at the time of writing. The report points out how a sudden spike of network activity from a customer workstation prompted the researchers to investigate the cause behind it. According to their findings, an extension by the name ‘HTTP Request Header’ infected the system to then visit pages related to advertising.

On closer inspection, they also discovered that three more extensions with the name ‘Nyoogle’, ‘Stickies’, and ‘Lite Bookmarks’ were doing the same thing.

The report also pointed out that it is likely that these extensions were part of “a click-fraud scam” that used these extensions to generate revenue from the ‘per-click rewards’. To simplify, the extensions were opening several advertising-related websites and the owners of the websites were earning money on every visitor or click on the advertisements on these sites.



The researchers warned that these extensions could also be used to spy on individuals or people belonging to an organisation who ended up installing these extensions. It was likely that the same extensions and method of attack would have turned to a much more menacing situation.

The firm has published a detailed report on what happened and how it was detected for the people interested in reading about it.



The thing to note here is that this is not the first time this has occurred. According to the report, cybercriminals have gained access to the accounts of two Chrome extension developers in late July and early August last year.

After gaining access, they went on to push updates which “injected ads into the sites” that users were visiting. This also points to the need to be vigilant while installing any new extension on your browser and ensure that it is not engaging in something fishy.


Top Stories

also see