Till to the date, eight different Chrome extensions have been identified that have fallen into the same trap: Basically what happens? The attacker simply uses to send an email to the developers of these extensions posing as Google, and through this phishing technique got the necessary password to access the account of its victims. Then it simply updates the extensions to introduce its malicious code, and in the vast majority of cases, over the next few weeks, users of the infected extensions were not even aware that they had been caught in a trap. These eight infected Chrome extensions include such popular add-ons as Chrometana (downloaded so far by more than 600,000 users), Infinity New Tab (+400,000 users) or Social Fixer, as well as other lesser known Web Paint (more than 50,000 Users) or different VPN services. In total, if users are added to all of the extensions affected by the attack, there are more than four million users who are (or have been) exposed to the threat. The tech giant Google has been distributing emails for weeks alerting developers of Chrome extensions to take precautions because of the multiple phishing attempts that have been reported in recent weeks, but that has been of little use to programmers who already fallen into the trap. The attack began to reap its first successes with extensions such as Copyfish, whose developer put – without being aware of it – in the hands of hackers the access data of their account, leaving in the air the security of more than 35 thousand users of its extension. Mainly, the target of the whole attack was – and still is – to introduce advertisements of the attackers in all the web pages that the victim visits. What malicious code does is replace any legitimate ad with ads that are linked to the attacker’s account, so that they take away all the revenue generated by the advertising that is normally displayed to a user as they surf the web. The full list of the eight Chrome extensions infected by this attack includes, for the moment, the following names: Chrometana (in version 1.1.3), Infinity New Tab (in 3.12.3), Web Paint (in 1.2. 1), Social Fixer (in 20.1.1), TouchVPN and Betternet VPN. If you have any of these extensions installed with the version affected by the attack, it is best to remove it from Chrome as soon as possible. At the moment, it does not seem to have affected more of the relatively popular extensions of Chrome by this technique, but any user of this browser should exercise extreme caution in case they start to see annoying pop-ups and ads in one day to the next. So, what do you think about this breach? Simply share your views and thoughts in the comment section below.

Δ

WARNING  These 8 Chrome Extensions Have Infected Millions Of Users - 49WARNING  These 8 Chrome Extensions Have Infected Millions Of Users - 96WARNING  These 8 Chrome Extensions Have Infected Millions Of Users - 97