Google removes four Chrome Web Extensions for injecting malicious codes

Google | Jan 31, 2018 |

Security researchers from US cyber-security firm ICEBRG have unearthed four Chrome extensions which were being deployed as a payload for malicious code. The worst part is that all of the extensions were available on the Google’s Chrome Web store. As per the researchers, the Chrome extensions were designed in such a way that it could send malicious codes to users browsers via JavaScript code and in turn, the attackers will eventually load a site at the background and start clicking on ads.

Nyoogle, Lite Bookmarks, Stickies, Change HTTP Request Header rogue extensions
The affected rogue extension list includes Change HTTP Request Header, Nyoogle-Custom Logo for Google, Lite Bookmarks and Stickies- Chrome’s Post-it Notes.
The total number of users who were actively using the extension is pegged at more than 500,000 and the ICEBRG security firm has already noted this and informed the National Cyber Security Centre of the Netherlands (NCSC-NL), Google Safe Browsing Operations Team and the United States Computer Emergency Readiness Team (US-CERT.)

At this point, all the four extensions are removed from the Chrome Web Store with Nyoogle being the last. That being said just because Google has removed the extension from the web store doesn’t mean that the extension ceases to exist. If you had downloaded any of the above-mentioned Chrome browser extensions simply uninstall and clean their systems. At this juncture, it is still unclear if the same group was behind all the rogue extensions. However, ICEBRG has said that the four extensions employed similar techniques and procedures.

This entire incident also highlights the problem of maintaining workstation hygiene. In this case, the trust factor was high since the extension was available on the official Google Chrome web store. Thankfully the attacker is not using the code for anything other than the fake ad clicking scam. However, it is very much possible for attackers to use this technique and bring down an entire network or organization.

Read the full details at the source.

Keywords: Google, Nyoogle, Lite Bookmarks, Stickies, Change, HTTP Request, Header, roguge, extensions


comments powered by Disqus

Page 1 of 355  >  >>

The countdown has started for Windows 7


Jan 17, 2019 | Category: Microsoft | Comments

Microsoft will stop free support by 2020.

It has been known for a long time that the official support for Windows 7 is nearing the end. January 14, 2020, is the date, then Microsoft will no longer provide free support to users of this OS and security updates will stop. You will still be able to use Windows 7, but in many ways, you will be left to yourself, at your own risk.

read more…

You can connect this thin screen to almost anything


Jan 16, 2019 | Category: General | Comments

The Lapscreen is almost a perfect traveling companion.

More and more devices use the USB C standard, and now there is a lot of new enhancement that uses the technology.

read more…

OnePlus 7 image leaked - where in the day is the camera?


Jan 15, 2019 | Category: General | Comments

Frameless and no holes in the screen.

OnePlus 6T has only been a few months in the store shelves, but a picture that has appeared on the web is bouncing up the speculation about the next flagship.

read more…

Page 1 of 355  >  >>