acm-header
Sign In

Communications of the ACM

Home/News/Up to 3 Million Devices Infected by Malware-Laced.../Full Text
ACM TechNews

Up to 3 Million Devices Infected by Malware-Laced Chrome and Edge Add-ons

By Ars Technica
December 18, 2020
Comments
View as: Print Mobile App Share:
The researchers also discovered malicious code in JavaScript-based add-ons that lets them download malware onto an infected computer.

Mmalware-impregnated Google Chrome and Microsoft Edge browser extensions can steal personal data and reroute users to ad or phishing sites, researchers say.

Credit: Getty Images

Researchers at Czech security firm Avast on Wednesday warned that up to 3 million devices have been infiltrated by malware-impregnated Google Chrome and Microsoft Edge browser extensions that steal personal data, and reroute users to ad or phishing sites.

The Avast team identified 28 tainted Chrome and Edge extensions, advertised as tools for downloading content from sites like Facebook, Instagram, Vimeo, and Spotify; some extensions were still available for download from Google and Microsoft as of the time of Avast's posting.

The researchers also discovered malicious code in JavaScript-based add-ons that lets them download malware onto an infected computer.

It remains unknown if the extensions came with the malware preinstalled, or if the developers waited for them to gain a critical user mass before adding a malicious update.

Another possibility is that legitimate developers created the extensions, then unwittingly sold them to malefactors.

 

From Ars Technica
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account