Watch out! Cybercriminals are now targeting your browser extensions

November 17, 2018

Cybercriminals are constantly modifying the way malware is distributed, and they’re relentlessly finding new methods to trick you.

One popular way for smuggling malicious apps into your computer is by tricking you into installing software that looks useful on the surface. But behind their helpful facade, these Trojans belie their true purpose – they’re out to make money off you and/or steal your information!

Now, you may be eagle-eyed enough to spot malicious apps from a mile away, but don’t look now, there’s one kind of malware that you might be installing yourself.

Read on and learn more about this devious and tricky new vector of attack.

Watch out for malicious browser extensions

Do you use browser extensions and add-ons?

Browser extensions are similar to what apps are to your smartphone. They add extra functionality to your browser and extend its usability beyond your typical web search and browsing activities. Click here to read more about Google Chrome extensions.

No doubt, extensions can enhance your web browsing experience. Like apps, they are used for a wide variety of purposes – they help you block ads, download content, compare prices while shopping, etc. – the possibilities are endless.

And the similarities don’t end there. Again, like mobile apps, there will always be bad apples among the thousands of extensions available.  Fraudsters are now using them now to exploit your computer resources for their financial gain!

How criminals take hold of browser extensions

According to a report from Motherboard, there’s an entire underground market that actively trades browser extensions.

Unscrupulous advertisers and hackers are even trying to buy popular extensions from legitimate developers in order to “monetize” them. In other cases, hackers break into developer accounts and take over the extensions themselves, injecting their own malicious code in the software.

This means that there’s a possibility that a browser extension that you know and trust can be modified later to infect your machine with adware, steal your information or even control your machine remotely.

The main thing with extensions that makes them attractive to cybercriminals is the fact that they can be granted permissions to access your web browser’s data. This sensitive data may include the data on all the websites you visit (banking website, social media sites, messaging sites, etc.).

Not only that, but extensions can also request access to your clipboard, bookmarks and browsing history, allowing them to create a full profile of your web activity.

See, you can have the best security software installed on your machine but all the protection it offers can be bypassed if a malicious extension manages to sneak itself into your browser.

What’s being done about this growing problem?

Thankfully, Google and Firefox are doing their part to combat this growing problem.

For one, Google has banned extensions that use “obfuscated” code. This is when developers deliberately hide a software’s true intent by using hard-to-understand or misleading language in their code. In fact, over 70% of blocked Chrome Web Store extensions used obfuscated code.

Both Google and Mozilla also systems in place on their respective web stores that detect malicious extensions and add-ons. For example, if an extension is deemed as malicious by Google, it will be automatically disabled in every browser that has installed it.

But is this enough? As I mentioned earlier, cybercriminals are attempting to bypass these checks and security measures by secretly modifying the extension’s code after it has already been installed on your browser. Perhaps it’s high time that you review and audit your current browser extensions and remove anything that you don’t recognize or no longer need.

Check your browser extensions

To protect yourself from these kinds of browser extension hacks, it is recommended that you check your browser extensions and add-ons and remove, deactivate or uninstall the ones that you don’t recognize nor fully trust.

How to remove Chrome extensions

Here’s how you uninstall a Chrome extension:

1. In your Chrome browser, click the three vertical dots at the top right corner.
2. Hover over “More Tools” then click Extensions.
3. You will now be directed to a page with all your installed extensions.
4. To remove an extension, click on its trash icon (located on its right side).
5. Click Remove on the popup window to confirm.

How to remove Firefox add-ons

Here are the steps to disable or remove a Firefox extension or add-on:

1. On your Firefox browser, click the three horizontal lines at the top right corner.
2. Click on Add-ons.
3. On the new “about:addons” that opens, click “Extensions” on the left menu bar.
4. Select the add-on or extension you want to disable.
5. Click its disable button.
6. Restart your Firefox browser.

Tags: apps, cybercriminals, Google, Google Chrome, hackers, malware, security, web browser