Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 11 MINUTES AGO.
You are here: Home / Network Security / Malicious Chrome Extensions Found
Four Malicious Chrome Extensions Removed from Chrome Web Store
Four Malicious Chrome Extensions Removed from Chrome Web Store
By Cat Ellis Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JANUARY
17
2018
Google has removed four malicious browser extensions with a combined total of 500,000 downloads from the Chrome Web Store.

Security firm ICEBRG discovered the malicious extensions after it picked up an unusual spike in outgoing network traffic. The first extension identified was called HTTP Request Header. After further investigation, it discovered three more: Nyoogle, Stickies and Lite Bookmarks.

In a blog post, ICEBRG said that although the extensions were probably used to commit click fraud (imitating the process of a user clicking an ad in their browser) or manipulate search engine results, they could be used to create a botnet with the potential to access business networks and user information.

"Removal of the malicious extension from the Chrome Web Store may not remove it from impacted hosts," ICEBRG added. "Additionally, the use of third-party Chrome extension repositories may still allow the installation of the extensions."

It's possible that the number of downloads could have been inflated through use of bots to make the extensions seem legitimate and trick more people into installing the malware.

Verifying Browser Extensions

Each browser developer takes a different approach to verifying the quality and safety of add-ons in their stores.

Before publication on the Google Chrome Web Store, extensions are subjected to a process called Enhanced Item Evaluation -- a series of automated checks that examine its code and behavior once installed to identify malware. Once the validation is complete, the app is published -- usually within an hour.

The process normally works well, but sometimes extensions slip through the net. For example, in October last year, 37,000 people downloaded a fake version of Adblock Plus that was almost impossible to differentiate from the real thing.

Microsoft launched an extension store for Edge in 2016, and tests each submission individually before it's published -- a process than can take 72 hours.

Mozilla takes a more liberal approach. All Firefox add-ons must comply with a set of policies and practices that varies depending on circumstances. Extensions listed on addons.mozilla.org may be subject to automatic and manual review and testing, during which they won't appear in search results, but will still be accessible if you have a link to their listing pages.

Unlisted add-ons aren't subjected to quite such strict standards. They must still be uploaded to addons.mozilla.org, but have to be distributed elsewhere.

© 2018 T-break Tech under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: Google/Chrome; iStock/Artist's concept.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY

NETWORK SECURITY SPOTLIGHT
Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.