Google Chrome and Microsoft Edge Under Attack: Malicious Extensions Identified
AI-summarised brief · reviewed before publication
Google Chrome and Microsoft Edge are facing a new threat, with a list of 18 malicious extensions identified by Koi Security. These extensions, which have been installed millions of times, pose a real and present threat to users. The extensions in question masquerade as popular productivity and entertainment tools, offering trivial functionality such as emoji keyboards, weather forecasts, and video speed controllers. However, they secretly implement browser surveillance and hijacking capabilities, allowing attackers to exploit the trust of users. According to Koi Security, each extension provides legitimate functionality while secretly implementing the same malicious capabilities. The team notes that these extensions have achieved verified status or featured placement across both the Chrome Web Store and Microsoft Edge Add-ons store, demonstrating security failures across both major browser marketplaces. The malicious extensions are controlled through external command and control servers, each with a unique subdomain. While this gives the appearance of separate operators, they are actually part of the same centralized attack infrastructure. Google has taken down all the identified extensions from the Chrome Store, and Microsoft has been approached for updates on the Edge Add-ons store. Koi Security is warning users of the need for immediate action to protect themselves from these malicious extensions. It is essential for users to take heed of this warning and delete any of these extensions that may be installed on their devices. This is not the first time that malicious extensions have been identified in the Chrome and Edge stores, and it highlights the ongoing need for vigilance in protecting against cyber threats. Photo Credit: Foundry / Unsplash / Antione Rault
