A concerning alert has been raised regarding Google’s widely used Chrome web browser, highlighting the presence of potentially harmful extensions containing malware. This situation poses a serious threat as it could enable hackers to intrude on users’ browsing activities and access sensitive personal information.
The discovery of these malicious extensions was made by the Koi Security team, who identified a deceptive strategy employed by the malware creators. Initially, the extensions appear clean and virus-free upon download. However, after installation, the extensions are later infused with spyware designed to steal user data.
The scale of impact is alarming, with an estimated 2 million individuals believed to be affected. A total of 18 Chrome extensions have been identified as carriers of this malware, some of which received positive reviews and were even featured in Google’s Chrome store. These extensions encompass a range of functionalities, including emoji keyboards, weather services, YouTube enhancements, and more.
The list of compromised extensions includes offerings for both Chrome and the Chrome-powered Edge browser:
– Emoji keyboard online (Chrome)
– Free Weather Forecast (Chrome)
– Unlock Discord (Chrome)
– Dark Theme (Chrome)
– Volume Max (Chrome)
– Unblock TikTok (Chrome)
– Unlock YouTube VPN (Chrome)
– Geco colorpick (Chrome)
– Weather (Chrome)
– Unlock TikTok (Edge)
– Volume Booster (Edge)
– Web Sound Equalizer (Edge)
– Header Value (Edge)
– Flash Player (Edge)
– Youtube Unblocked (Edge)
– SearchGPT (Edge)
– Unlock Discord (Edge)
Users who suspect they have installed any of these extensions are strongly advised to take immediate action. The security experts at Malwarebytes recommend clearing browsing data promptly to eliminate any stolen tracking identifiers or session tokens left by the malicious extensions.
Furthermore, Chrome users are urged to monitor their accounts for suspicious activities and activate two-factor authentication as an added security measure. A browser reset is also recommended to revert any alterations made by the extensions to default settings. Google has confirmed the removal of all affected extensions, safeguarding new users from potential infections.