top of page

Cyber Bites

Numerous Chrome Browser extensions found to over deliver, not in a good way

Numerous Chrome Brower Extensions found in the Google Chrome store have been found to not only deliver on their stated purpose, but also have the ability to hijack search results to display sponsored links and paid results, sometimes even serving malicious links.

They were difficult for reviewers to spot as potentially malicious because the extensions did perform their stated purpose and the problematic functionality was added by an update days after installation.

Security researchers at Almost Secure, Avast and BleepingComputer notified Google and the offending applications have been removed from the store. Unfortunately, removal from the store does not remove the extensions from your browser, that must be done manually,

Below is a list of the offending extensions. If you have any of these browser extensions installed, remove them as soon as possible.

Autoskip for Youtube Soundboost Crystal Ad block Brisk VPN

Clipboard Helper Maxi Refresher Quick Translation Easyview Reader view

PDF toolbox Epsilon Ad blocker Craft Cursors Alfablocker ad blocker

Base Image Downloader Zoom Plus Clickish fun cursors Cursor-A custom cursor

Amazing Dark Mode Venus Adblock Adblock Dragon Awesome Auto Refresh

Readl Reader mode Volume Frenzy Font Customizer Image download center

Easy Undo Closed Tabs OneCleaner Repeat button Leap Video Downloader

Screence screen recorder HyperVolume Light picture-in-picture Tap Image Downloader

Qspeed Video Speed Controller Maximum Color Changer for Youtube


Takeaway:

Browser extensions can be time savers, but they can also bring security concerns. As with apps on your phone, more is not always better.

Sources: Almost Secure, Avast and BleepingComputer

Definitions

Browser extension - A software module that adds functionality to a web browser. It is typically written in HTML, CSS, and JavaScript and can modify web pages, enhance browser behavior, and provide additional features not included in the browser by default.



Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.

Commenti


bottom of page