Malicious Chrome Extensions Steal Data
15 Apr
Summary
- 108 malicious Chrome extensions discovered by security firm Socket.
- Extensions steal data and send it to a single command-and-control server.
- Malicious extensions can harvest Google account identifiers, posing a major risk.

Over 100 malicious Chrome extensions have been identified, posing a significant threat to user data. Discovered by the security firm Socket, these 108 extensions were found on the Chrome Web Store, masquerading as popular games, utilities, and tools. Despite having different publishers, all these extensions were designed to exfiltrate sensitive information to a single command-and-control server, suggesting a highly coordinated cybercrime operation.
These extensions function deceptively, appearing to work normally while secretly compromising user security. A significant number of them were found to steal users' Google account identifiers (sub IDs), which are permanent digital footprints. This information can be used by attackers to track individuals across different platforms and build detailed profiles of their online activities, even if passwords are changed.
To mitigate this risk, users are strongly advised to check their installed extensions and remove any suspicious ones immediately. Security experts recommend sticking to trusted developers, carefully reviewing extension permissions, and enabling enhanced safe browsing features in Chrome. Regularly auditing installed extensions and maintaining updated antivirus software are crucial steps in safeguarding against such threats.
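
One way to carry out the permission review and extension audit recommended above, as an added example that is not from the article or from Socket's report: a script that reads each installed extension's `manifest.json` and lists the permissions that deserve a manual look. The review list (including `identity`, the Chrome API permission that exposes the signed-in Google account) is this example's assumption, and the extension IDs and manifests in `build_sample_profile` are constructed.

```python
import json
import tempfile
from pathlib import Path

# Permissions worth a manual look: this example's assumption, not the report's.
REVIEW_PERMISSIONS = {"identity", "identity.email", "cookies", "webRequest",
                      "tabs", "history", "scripting"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def review_manifest(manifest):
    """Return the reasons a parsed manifest.json deserves manual review."""
    declared = set()
    for key in ("permissions", "optional_permissions", "host_permissions"):
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts get page access through their match patterns too.
    for script in manifest.get("content_scripts", []):
        declared.update(script.get("matches", []))
    reasons = sorted(f"permission:{p}" for p in declared & REVIEW_PERMISSIONS)
    return reasons + sorted(f"broad-host:{h}" for h in declared & BROAD_HOSTS)

def audit_extensions(extensions_dir):
    """Map extension ID -> review reasons for each installed extension."""
    findings = {}
    # Layout: <profile>/Extensions/<extension id>/<version>/manifest.json
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
            reasons = review_manifest(manifest)
        except (OSError, ValueError, AttributeError, TypeError):
            reasons = ["unreadable-manifest"]
        if reasons:
            findings[path.parent.parent.name] = reasons
    return findings

def build_sample_profile():
    """Create a constructed Extensions directory with two made-up extensions."""
    root = Path(tempfile.mkdtemp()) / "Extensions"
    samples = {
        "a" * 32: {"name": "Constructed Game", "permissions": ["identity"],
                   "host_permissions": ["<all_urls>"]},
        "b" * 32: {"name": "Constructed Notes", "permissions": ["storage"]},
    }
    for ext_id, manifest in samples.items():
        version_dir = root / ext_id / "1.0.0_0"
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest))
    return root

if __name__ == "__main__":
    print(audit_extensions(build_sample_profile()))
```

To audit a real browser, pass the `Extensions` directory of the Chrome profile to `audit_extensions`. A listed permission is a prompt to check whether the extension's stated purpose needs it, not a verdict that the extension is malicious.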