Researchers from AdGuard, a company that manufactures solutions to block browser ads, have come up with 295 extensions available on the Chrome Store which hide a dangerous virus which alters Google and Bing search results, persistently displaying advertisements. More worryingly, these extensions were downloaded by more than 80 million users around the world e Google still hasn't removed them from the Chrome Store.
In the list of 295 extensions there is a bit of everything, from plugins that change the background of Chrome tabs, to apps that promise to block advertisements. A real paradox, considering the fact that the only goal of these plugins is to show advertisements to earn on users' impressions. This is not the first time that computer researchers have discovered malicious extensions present on the Chrome Store: last week we already talked about another plugin that performed the same actions and that modified the Google results page to show deceptive advertisements.
Chrome, 295 dangerous extensions, what users risk
The behavior of dangerous plugins discovered by AdGuard researchers is sneaky and very dangerous. In fact, altering search results it is only one of the three “off limit” activities discovered by the experts.
Let's start with the first: the misleading search engine advertisements. How it works is very similar to that of adware in the smartphone world. After installing the extension on your PC, the virus kicks in and starts modifying Google and Bing search results. After doing the search, the user is sent to a page that appears to be Google's, but which actually is managed directly by hackers. In this way, deceptive advertisements are shown which make money for the hackers.
In addition to advertisements, some extensions are blamed also to do "cookie stuffing". What does it mean? When a user visits an e-commerce site, the extension produces a special cookie that allows them to receive a commission from the site if the user returns and completes a purchase. A practice that is not well received by Google.
Finally, other applications are charged with isend and show spam on the user's PC.
What are the 295 extensions that hide a virus
In the mare magnum of 295 applications there is a bit of everything, but the peculiarity is that nearly 50 plugins ensured to block ads. In reality, they did nothing but display advertisements that brought money to the hackers. Most of the plugins, on the other hand, were utility apps that offered a single service to users.
A list of all 295 malicious extensions that hide a virus is available on GitHub.
How to defend against malicious Chrome extensions
Google again did not delete the 295 plugins from your store and therefore the danger is still very high. For this reason, attention must be paid when yes download an extension from the Chrome Store. Here are some tips to follow:
- Only install plugins from developers you trust.
- Don't believe the reviews and extensions descriptions.
- Do not download plugins after doing an internal search on the Chrome Store, but only after reading the advice of people you trust.
- Install an antivirus on your PC.
