Watch Out for Malicious Browser Extensions

Browser extensions are nifty little programs that can be implemented into your web browser itself, adding onto its capabilities and utility… at least, that’s the concept. Unfortunately, these programs also give cybercriminals a means of secretly launching an attack. The security firm Avast recently identified 28 such third-party extensions that have been installed—according to the download numbers, at least—by about three million people on Google Chrome and Microsoft Edge combined.

How Do These Threats Work?

These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.

In the case of these extensions, the code needed for several different malicious operations was present, including:

• Redirecting traffic to advertisements (falsely generating revenue)
• Redirecting traffic to phishing websites
• Collecting personal data
• Collecting browsing history
• Downloading additional malware onto a user’s device

Avast’s researchers believe that only the first code was actively utilized, generating ill-gotten revenue for the creators of these extensions. Regardless, these extensions should be removed from any systems on your business’ network that they may be installed on.

The impacted extensions are as follows:

Chrome

• App Phone for Instagram
• Direct Message for Instagram
• DM for Instagram
• Downloader for Instagram
• Invisible mode for Instagram Direct Message
• Odnoklassniki UnBlock. Works quickly.
• Spotify Music Downloader
• Stories for Instagram
• The New York Times News
• Universal Video Downloader
• Upload photo to Instagram™
• Video Downloader for FaceBook™
• Vimeo™ Video Downloader
• VK UnBlock. Works fast.
• Zoomer for Instagram and Facebook

Edge

• DM for Instagram
• Downloader for Instagram
• Instagram App with Direct Message DM
• Instagram Download Video & Image
• Pretty Kitty, The Cat Pet
• SoundCloud Music Downloader
• Stories for Instagram
• Universal Video Downloader
• Upload photo to Instagram™
• Video Downloader for FaceBook™
• Video Downloader for YouTube
• Vimeo™ Video Downloader
• Volume Controller

Again, we encourage you to check your company’s network to ensure that these extensions are not installed in any of your users’ browsers, and that you encourage your employees to do the same.

Not sure how to go about doing so? i-medIT can help. As a managed service provider, our services include remotely monitoring your business’ technology and network for threats while keeping abreast of this kind of news so that we can proactively resolve any issues that may influence your operations. 

Find out more today by reaching out to us at 630-549-6199.