Home

Jan 31, 2018

Google removes four Chrome Web Extensions for injecting malicious codes

authorarticle: 
chrome-600x322.jpg
video: 
youtube: 
sources: 
keywords: Google, Nyoogle, Lite Bookmarks, Stickies, Change, HTTP Request, Header, roguge, extensions
Category: Google
Posted by: Admin

Security researchers from US cyber-security firm ICEBRG have unearthed four Chrome extensions which were being deployed as a payload for malicious code. The worst part is that all of the extensions were available on the Google’s Chrome Web store. As per the researchers, the Chrome extensions were designed in such a way that it could send malicious codes to users browsers via JavaScript code and in turn, the attackers will eventually load a site at the background and start clicking on ads.

Security researchers from US cyber-security firm ICEBRG have unearthed four Chrome extensions which were being deployed as a payload for malicious code. The worst part is that all of the extensions were available on the Google’s Chrome Web store. As per the researchers, the Chrome extensions were designed in such a way that it could send malicious codes to users browsers via JavaScript code and in turn, the attackers will eventually load a site at the background and start clicking on ads.

Nyoogle, Lite Bookmarks, Stickies, Change HTTP Request Header rogue extensions
The affected rogue extension list includes Change HTTP Request Header, Nyoogle-Custom Logo for Google, Lite Bookmarks and Stickies- Chrome’s Post-it Notes.
The total number of users who were actively using the extension is pegged at more than 500,000 and the ICEBRG security firm has already noted this and informed the National Cyber Security Centre of the Netherlands (NCSC-NL), Google Safe Browsing Operations Team and the United States Computer Emergency Readiness Team (US-CERT.)

At this point, all the four extensions are removed from the Chrome Web Store with Nyoogle being the last. That being said just because Google has removed the extension from the web store doesn’t mean that the extension ceases to exist. If you had downloaded any of the above-mentioned Chrome browser extensions simply uninstall and clean their systems. At this juncture, it is still unclear if the same group was behind all the rogue extensions. However, ICEBRG has said that the four extensions employed similar techniques and procedures.

This entire incident also highlights the problem of maintaining workstation hygiene. In this case, the trust factor was high since the extension was available on the official Google Chrome web store. Thankfully the attacker is not using the code for anything other than the fake ad clicking scam. However, it is very much possible for attackers to use this technique and bring down an entire network or organization.

 
Read the full details at the source.

authorarticle: 
chrome-600x322.jpg
video: 
youtube: 
sources: 
keywords: Google, Nyoogle, Lite Bookmarks, Stickies, Change, HTTP Request, Header, roguge, extensions

Comments:

comments powered by Disqus

Return

Sponsored Ads:

Discord

Page 1 of 537  >  >>

First in the world with external 8TB SSD, but for a price!

1.png

Jul 2, 2020 | Category: IT | Comments

Samsung has launched a new internal SSD.

read more…

Will Google launch new Glass? Has traded AR glasses company

google.jpg

Jul 1, 2020 | Category: Google | Comments

Or does Google root it again?

Google has traded AR glasses company North.

read more…

Microsoft Teams now prevents Students from joining meetings unattended

teams.jpg

Jun 30, 2020 | Category: Microsoft | Comments

Microsoft has announced the general availability of one of the most requested features for Teams for Education that will prevent students from joining a meeting unattended in the absence of the educator. This feature will also prevent students from chatting when a teacher is not present in the meeting.

read more…

Page 1 of 537  >  >>