News, 01.11.2022, 11:30 AM
Security researchers from Guardio Labs discovered thirty malicious web browser extensions downloaded from the Chrome and Edge web stores by more than a million users worldwide. The malware in these extensions is essentially adware.
Extensions offer the ability to change the appearance of web browsers and when users install them on their computers they still do not contain malicious code, which is why the campaign was named “Dormant Colors”. This campaign has been active for some time, and some of the extensions have already been identified as potentially harmful.
The infection starts with an ad or redirect when visiting a website that has a video or program that the user wants to download.
However, when he tries to download a program or watch a video, the victim will be redirected to another site that tells him to install the extension. After clicking the “OK” or “Continue” button, the victim is prompted to install a seemingly harmless extension.
After you install the extension, a new tab automatically opens and redirects you to a “thank you” page, which redirects you to yet another ad. You would probably close that page and pick up where you left off, not realizing at the time that something else just happened behind the scenes.
When these extensions are installed, they redirect search queries to results from sites associated with the extension developer, generating revenue from serving ads and selling search data.
Malicious extensions can infect your computer through your web browser. Such extensions are often used to track searches and steal users’ personal information. There are several things you can do to protect yourself from these infections.
First, install extensions only from trusted sources. The Google Chrome Web Store is a good place to start, but you should also check reviews before installing anything.
Second, update your web browser and extensions regularly. These updates usually contain security fixes that can help you protect yourself from new threats.
Be careful about the permissions you give to extensions. Many malicious extensions will ask for more permissions than they need.
And last but not least, protection against such malware can be provided by a credible antivirus software.
Both Microsoft and Google have removed these malicious extensions.