Home → News → Up to 3 Million Devices Infected by Malware-Laced... → Full Text

Up to 3 Million Devices Infected by Malware-Laced Chrome and Edge Add-ons

By Ars Technica

December 18, 2020

[article image]

Researchers at Czech security firm Avast on Wednesday warned that up to 3 million devices have been infiltrated by malware-impregnated Google Chrome and Microsoft Edge browser extensions that steal personal data, and reroute users to ad or phishing sites.

The Avast team identified 28 tainted Chrome and Edge extensions, advertised as tools for downloading content from sites like Facebook, Instagram, Vimeo, and Spotify; some extensions were still available for download from Google and Microsoft as of the time of Avast's posting.

The researchers also discovered malicious code in JavaScript-based add-ons that lets them download malware onto an infected computer.

It remains unknown if the extensions came with the malware preinstalled, or if the developers waited for them to gain a critical user mass before adding a malicious update.

Another possibility is that legitimate developers created the extensions, then unwittingly sold them to malefactors.


From Ars Technica
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found