Be careful when downloading web browser extensions! Cybersecurity researchers have discovered 18 additional modules for Chrome and Edge infested by dangerous malware. You have to delete without waiting!
Extensions for web browsers – whether Google Chrome, Mozilla Firefox, Microsoft Edge or Safari – appeal to their great utility. These small software modules-also called plug-ins or add-ons-integrate into a program to provide it with new functions or improve those already present. Pubs blockers, PDF converters, tab or translation tools, spelling and grammatical correctors, VPN … There are almost all needs and all profiles. And the best in all of this: most are completely free.
But beware: you have to stay vigilant at the time of download-even on official stores such as the web store chrome or the Microsoft Edge Add-ons-because some can hide malware! This is the case of these 18 verolled extensions, discovered by the cybersecurity researchers of Koi Security, who have a total of more than 2.3 million downloads. Worse still: some brought the mention “verified” or were put forward.
Verox extensions: a pirate operation on Chrome and Edge
Cybercriminals used extensions as a Trojan horse. As initially, they did not contain any virus and fulfilled the promised functions, for years, they have received many positive comments and multiplied downloads. The attackers have “Successfully exploited all the trusted signals on which users rely”note Koi Security. The malicious code was subsequently introduced, via automatic updates, which allowed hackers to bypass online store safety systems.
The malicious functions contained in the extensions were used to track infected internet users. A spy code was activated automatically each time a user opens a new web page. He then recorded the URL of all the pages visited and redirected it on other web pages. All this operation brings Koi Security researchers to conclude that it is “Proof that the current safety market model is fundamentally broken”.
Verox extensions: what are the plug-ins to uninstall?
11 From these verolled extensions came from Chrome Store and 7 from the Microsoft Edge Add-ons, including productivity tools, dark themes, VPNs, advertising blockers, weather forecasting tools or utility for Discord and Tiktok. Here is the list of extensions concerned within the web store chrome:
- Color Picker, Eyedropper — Geco colorpick
- Dark Theme — Dark Reader for Chrome
- Emoji keyboard online — copy&past your emoji
- Free Weather Forecast
- Unblock TikTok — Seamless Access with One-Click Proxy
- Unlock Discord — VPN Proxy to Unblock Discord Anywhere
- Unlock YouTube VPN
- Video Speed Controller — Video manager
- Volume Max — Ultimate Sound Booster
- Weather
And here is those within the Microsoft Edge Add-onS:
- Flash Player — games emulator
- Header Value
- SearchGPT — ChatGPT for Search Engine
- Unlock Discord
- Video Speed Controller — Video manager
- Volume Booster — Increase your sound
- Volume Max — Ultimate Sound Booster
- Weather
- Web Sound Equalizer
- Youtube Unblocked
Alerted by researchers, Microsoft and Google have deleted all the extensions of their platform. If you have installed one of these extensions, uninstall it immediately. If downloading your plug-ins from official stores allows you to make a first sorting, that does not prevent malicious software from passing between the meshes of the net. This is why it is also necessary to think of systematically verifying the reputation and reliability of the developer – even if this does not guarantee total security, as here – and to regularly sort it in its extensions, by uninstalling those that you no longer use or that you do not recognize (see our practical sheet).