New York Post
Google Chrome users warned to delete 16 popular extensions due to ‘malicious’ threat risk
By Eric Hegedus
Published Feb. 28, 2025, 6:04 p.m. ET
Google Chrome users have been warned to delete 16 “malicious” browser extensions that could lead to a security threat and “fraud” at the hands of a prolific “threat actor.”
The extensions affect functionality involving screen capture, ad blocking, emoji keyboards and more, with a potential impact on at least 3.2 million users, according to GitLab Threat Intelligence, which first reported the threat.
The extensions inject code and harmful scripts into browsers, allowing hackers to steal user data and engage in search-engine fraud involving ad revenue, according to Tom’s Guide.
After users granted permission to use them, the extensions, while legitimate, were infected with malicious updates that corrupted them.
According to tech site Notebook Check, the attack was traced to developer accounts that unknowingly transferred control of extensions to the attackers, whose dangerous updates were available through official browser extension stores.
The dangerous extensions include:
Blipshot
Emojis (Emoji Keyboard)
Color Changer for YouTube
Video Effects for YouTube and Audio Enhancer
Themes for Chrome and YouTube Picture in Picture
Mike Adblock für Chrome
Super Dark Mode
Emoji Keyboard Emojis for Chrome
Adblocker for Chrome (NoAds)
Adblock for You
Adblock for Chrome
Nimble Capture
KProxy
Page Refresh
Wistia Video Downloader
WAToolkit
The targeted extensions already have been removed from the Chrome Web Store, but users should manually delete them if they are still installed on their browsers.
Tom’s Guide advises then using antivirus software to scan for malware or other viruses.
No comments:
Post a Comment