Over three million people have installed 28 different malicious web extensions between the Chrome and Edge browsers on their computers. The extensions can redirect users to ads, or phishing sites, collect personal data and browsing history, and download more malware. Researchers at Avast stated that though attackers could do all the previously listed items, they were primarily using their access to hijack user traffic for monetary gains. For every redirect that happened because of the extensions, the attackers would get paid by the third-party company. It is unclear if the extension creators made the extension with malicious code in them initially or if they added it after the extension became popular.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased