One of the best things about using Google Chrome is also one of its biggest dangers. People use plugins to increase the usability of the browser. However, a handful of malicious Chrome extensions have been spotted, and they total more than 75 million downloads.
It’s no little-known fact that you need to be careful what you download/install, and that goes for Chrome extensions. They can be incredibly useful tools to make your browsing experience much better. However, just like any application you download, Chrome extensions can perform malicious actions without you knowing.
A handful of malicious Chrome extensions were removed by Google
According to Bleeping Computer (via TechRadar), Cybersecurity researcher Wladimir Palant discovered some interesting code inside of the PDF toolbox extension. This code allowed serasearchtop[.]com to inject arbitrary code into any website the viewer visits. Since then, he discovered an additional 17 extensions with this code.
At the moment, he couldn’t quite see what the code was used for, however, there was potential for it to inject ads into sites, and even steal search results. They’re even reports from other users saying that when one of these extensions was installed, they will get unintentional redirects to different sites.
Shortly after, cyber security company Avast uncovered an additional 14 extensions with the same mechanism. This brings the number up to 32 in all. Combined, they have a whopping 75 million downloads between them.
These malicious Chrome extensions include plugins such as Auto Skip for YouTube, Soundboost, Crystal Ad Block, Brisk VPN, Clipboard Helper, and Maxi Refresher. You can view the full list here.
Thankfully, according to Avast, Google acknowledged these malicious plugins and the company has taken them down. However, this does not mean that this automatically deactivates them, so if you have these installed, then you’ll want to remove them quickly.
There’s a lot of potential for these plugins to commit even more malicious activities. So, there’s no telling what other actions these extensions can perform. The best thing to do is get rid of them so you don’t find out