We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.
Google Chrome users are being warned about a new hacking threat that targeted over 20 extensions which were used – in total – by over eight million people. According to security experts Kaspersky, popular extensions such as Frigate Light, Frigate CDN and SaveFrom were targeted by bad actors. These Chrome extensions were exploited by hackers to carry out malicious activity, but thankfully no financial information or other sensitive data was the target.
Instead, Kaspersky said the aim of this campaign was to generate traffic for videos on streaming sites in order to boost viewer counts.
The videos were secretly played in the background when a victim started browsing the web.
But there were a number of telltale signs that something was amiss.
One of the main giveaways is when the video was being played covertly Chrome would run slower than usual.
Google Chrome explain how users can view extension data
However, the video would only begin playing when a user started browsing – so they may attribute the slowdown to just their general web surfing.
Other signs of the scam taking place, according to the makers of the Yandex Browser, was occasionally sounds from the video can be heard in the background.
Kaspersky also said affected extensions were capable of ‘intercepting’ access to a social network, likely to help inflate like counts later on.
At the time of writing, extensions that Kaspersky highlighted such as Frigate Light and Frigate CDN which were on the Chrome Web Store have now been delisted.
Discussing their findings, Kaspersky said: “If your security solution starts detecting threats in Google Chrome or any other Chromium-based browser, the first thing you need to do is disable the malicious plug-ins, as those are what the security application reacts to.
DON’T MISS: Google Chrome rival just revealed a mightily impressive update
“If you are not sure which of the plug-ins is dangerous, try disabling them one at a time until you find the right one(s).
“Yandex, for their part, has automatically disabled a number of extensions in its Yandex.Browser (which too is based on Chromium), and continues to look for other plug-ins that pose a threat.”
While the Yandex browser makers added: “We consider the described behavior to be potentially dangerous and unfair, so we decided to disable already installed copies of the SaveFrom.net, Frigate Light, Frigate CDN and some others extensions in Yandex Browser. Users of these extensions will receive a notification informing us about the reasons for the shutdown. After that, they can make an informed decision and, if necessary, turn them on again (although we strongly recommend not to do this).”
Source: Read Full Article