Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

Dangerous Chrome extensions

Someone tried to use popular Google Chrome Extensions for secretly playing videos in users’ browsers to inflate view counts.

Yesterday morning, our solutions started giving many Google Chrome users repeated threat warnings. Trojan.Multi.Preqw.gen, which Chrome tried to download from a third-party site, was specified as the source of the threat. We explain what it’s all about and how to solve the problem.

Malicious extensions

Our experts in collaboration with their colleagues at Yandex discovered that some culprits had abused more than twenty browser extensions to make Chrome work for them on users’ computers. The extensions that were made to perform malicious activity included a few fairly popular ones: Frigate Light, Frigate CDN and SaveFrom.

These extensions installed in more than 8 million users’ browsers accessed a remote server in the background, trying to download malicious code, a process that our security solutions detect as dangerous.

What were the attackers up to, and how did that threaten users?

The attackers were interested in generating traffic to videos. In other words, the extensions were secretly playing certain videos in the users’ browsers, inflating view counts on streaming sites.

The invisible video player was only activated when the user was actually browsing, so that the inevitable slowing down of the computer could be attributed to Chrome’s usual lag when under load.

According to our colleagues at Yandex, the users of some of the extensions could occasionally hear the sound from the videos that were being played in the background.

Besides that, the malicious plug-ins intercepted access to a social network, probably for inflating like counts later. Regardless of the actual goals, a compromised social media account is something one would rather avoid.

What can be done?

If your security solution starts detecting threats in Google Chrome or any other Chromium-based browser, the first thing you need to do is disable the malicious plug-ins, as those are what the security application reacts to. If you are not sure which of the plug-ins is dangerous, try disabling them one at a time until you find the right one(s).

Yandex, for their part, has automatically disabled a number of extensions in its Yandex.Browser (which too is based on Chromium), and continues to look for other plug-ins that pose a threat.

If you are not using Kaspersky products yet, but you suspect that there is a dangerous application on your computer, it might make sense to install one of our solutions for home users. Then again, it makes sense to do that in any case.

Source: https://www.kaspersky.com/blog/chrome-plugins-alert/38242/?web_view=true

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

A new version of the ViperSoftX information-stealing malware has been discovered with a broader range of targets, including targeting the KeePass and 1Password password...

Cyber Security

The Cybersecurity and Infrastructure Security Agency (CISA) has added one more security vulnerability to its list of bugs known to be exploited in attacks....

Cyber Security

The Dutch Ministry of Education has decided to suspend the use of Chrome OS and Chrome web browser until August 2023 over concerns about...

Business News

Ban of Chrome extension by Brave reveals risk of potential API abuse at Meta Brave this week said it is blocking the installation of...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO