Link Image

108 more Chrome extensions found to be injecting ads and harvesting data

by · Android Police

For years now, we've trained ourselves to be wary of unknown APKs. However, the same level of scrutiny has never really extended to the extensions we download for your browsers.

Recent events have proven that browser extensions aren't all that harmless. There was the Honey debacle last year, which has been followed by several popular extensions being taken down earlier this year for reportedly being "unsafe." This also impacted the popular image-saving Chrome extension 'Save Image as Type.'

Related

This popular image-saving Chrome extension was just flagged as malware

Honey-like affiliate hijack in question

Posts 1
By  Karandeep Singh Oberoi

Now, with Chrome extensions being looked at with a magnifying glass, several other popular extensions have been found to be stealing data and injecting ads, taking advantage of unsuspecting users.

The development was highlighted by supply chain security firm Socket (via Toms Guide), with the report laying out 108 malicious Chrome extensions with roughly 20,000 downloads among them.

On the surface, these extensions look like actual utility and entertainment tools. They were published by different developers, but under the hood, every single one of the 108 extensions communicates with the same command-and-control (C2) server, indicating that this is a professional operation.

Here are some of the most downloaded extensions from the list of 108:

  • Web Client for TikTok – 2,000+ installs
  • Web Client for Telegram - Teleside – 1,000+ installs
  • YouSide - Youtube Sidebar – 1,000+ installs
  • Web Client for Youtube - SideYou – 1,000+ installs
  • Formula Rush Racing Game – 1,000+ installs
  • Page Auto Refresh – 1,000+ installs
  • Page Locker – 1,000+ installs
  • Text Translation – 1,000+ installs
  • Web Client for Rugby Rush - SideGame – 1,000+ installs
  • Telegram Multi-account – 1,000+ installs
  • Black Beard Slot Machine – 1,000+ installs
  • Clear Cache Plus – 1,000+ installs
  • Speed Test for Chrome - WiFi SpeedTest – 1,000+ installs
  • Piggy Prizes - Slot Machine – 500+ installs
  • Master Chess – 500+ installs

If you've installed one of these extensions, or any of the other malicious ones (check out the full list here) make sure you remove them now. To do so, tap the three-dot menu on the top right and tap on Extensions > Manage Extensions. Proceed to remove the affected extensions. It's worth noting that several of the above-mentioned extensions are still live on the Chrome store.

Subscribe to our newsletter for browser security insights

Stay informed by subscribing to our newsletter for expert analysis and clear removal guidance on malicious browser extensions. Learn how these extensions operate, which to avoid, and what changing extension risks mean for your browser privacy and security.

Get Updates

By subscribing, you agree to receive newsletter and marketing emails, and accept our Terms of Use and Privacy Policy. You can unsubscribe anytime.

The scope of the damage these extensions might have caused is still unclear. They've been found to inject ads, which would help the extensions' developers monetarily. However, they've also been found to harvest data, which can result in privacy and credential-related concerns.

Related

6 Chrome extensions I trust to keep my privacy intact

Don't browse without these chrome privacy extensions

Posts 3
By  Ben Khalesi