Alert for 3,200,000 Google Chrome users regarding hazardous hacking scheme

A warning has been released to over 3.2 million individuals who utilize Google Chrome daily concerning a hazardous hacking scam that targets the widely-used web browser.

Many people globally rely on Chrome both for professional tasks and casual web browsing, spending several hours using it on desktops and mobile devices. Chrome users should be aware of a crucial alert involving 16 specific browser extensions that have fallen victim to hacker attacks.

The affected extensions include Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube, Audio Enhancer, Themes for Chrome, YouTube Picture in Picture, Mike Adblock for Chrome, Super Dark Mode, and Emoji Keyboard Emojis for Chrome, according to the Daily Mail.

Additionally, extensions like Adblock for Chrome, Nimble Capture, KProxy, Page Refresh, Wistia Video Downloader, Adblocker for Chrome, and Adblock for You have also been compromised.

GitLab Threat Intelligence, which discovered the security threat, wrote on its site: “We identified a cluster of at least 16 malicious Chrome extensions used to inject code into browsers to facilitate advertising and search engine optimization fraud.

“The extensions span diverse functionality including screen capture, ad blocking and emoji keyboards and impact at least 3.2 million users.

“The threat actor uses a complex multistage attack to degrade the security of users’ browsers and then inject content, traversing browser security boundaries and hiding malicious code outside of extensions. We have only been able to partly reproduce the threat actor’s attack chain.”

The group of tech experts emphasized that although these extensions have been removed from the Web Store, users who have already installed them will need to delete them manually to avoid hacker threats.

“The threat actor may also be associated with phishing kit development or distribution. The malicious extensions present a risk of sensitive information leakage or initial access,” GitLab Threat Intelligence further stated on its website.

It seems cybercriminals are deploying sophisticated strategies to exploit unsuspecting internet users, even targeting Gmail users.

Spencer Starkey, a vice-president at SonicWall, emphasized the need for companies like Google to stay vigilant to protect their users.

He stated: “Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats.

“This requires a proactive and flexible approach to cybersecurity, which includes regular security assessments, threat intelligence, vulnerability management, and incident response planning.”

Google has confirmed to UNILAD that “the extensions are removed from the Chrome Web Store”.