Recent reports indicate that some popular Chrome extensions are malicious and you should remove them from your Chrome and Edge browsers.
Just as the Google Play Store can be dangerous for Android devices, the Chrome Web Store is just as dangerous if you’re not careful.
On Sunday, the cybersecurity team at Guardio Labs warned Chrome and Edge users about a new campaign that allows hackers to hijack browsers using extensions. More than a million users have already downloaded these malicious plugins.
Some Chrome extensions can get you hacked
As the researchers explain, as of mid-October, 30 different versions of the seemingly harmless extension were available for Google Chrome and Microsoft Edge.
Also read this:
At first glance, plugins are the main tools for changing the color or style of your browser. That’s why Guardio named this bad publicity campaign “Sleeping Colors”. The browser extension itself does not contain any malicious code. Instead, the extension redirects users to pages that offer videos or downloads. To watch a video or download software, those pages will lead you to download another extension.
We hope that you will be careful from now on and you will not go to these plugins again, but let’s say that you have tried to add this very suspicious plugin to your browser. The malicious extension immediately loads the side code into your browser. This code will redirect you to sites where extension developers can earn PEX by displaying ads. As bad as this sounds, it gets worse!
For example, if you visit the “Shopping list” plugin site, it will redirect you to a new URL with an affiliate link. If you end up buying something, it earns the extension developer money. It is also possible for developers to use this hijacking method to send users to fake login pages and steal their usernames and passwords.
Guardio shared the following list of plugins that are part of the campaign:
Fortunately, most, if not all, of these extensions are no longer available in the Chrome Web Store. If you install any of these extensions on your browser, you should immediately remove them from your browser. Even if you don’t, be careful, as Guardio claims the campaign is “still up and running, changing domains, spawning new extensions, and reinventing more color and style-changing functionality than you can certainly do without.” They also continue to work.”
Our suggestion is to stay away from all these plugins for now and until further notice.