Google Chrome is the world’s most popular web browser, and with so many people using it, it’s an obvious target for cybercriminals looking to cash in on its success. And the latest threat is quite worrying because it could have affected more than 80 million users worldwide.
The discovery was made after AdGuard investigated a number of bogus ad blocking extensions.
A total of 295 extensions were discovered in this attack, which includes bogus ad blockers as well as weather widgets and extensions claiming to offer screenshot utilities.
The main threat (245 of 295) seems to come from simple extensions that can apply custom backgrounds when a user launches a new tab.
READ MORE: Google Chrome’s most vital update in years just suspended
Now it looks like some of the extensions have started to be removed, but Chrome users should always be on alert when they add extras to their browser.
Speaking about the threat, Jake Moore, Cybersecurity Specialist at ESET, said: “Browser extensions can be extremely useful and have thousands of benefits, but you need to be careful when downloading anything to your device.
“Being vigilant about extensions usually means reading reviews and checking the number of downloads. But in many cases, this is still not enough because many browser extensions are free and quickly gain a lot of strength before they are reviewed and it is too late.
“However, there are ways to be more careful when downloading third-party extensions. Many unauthorized extensions will require permissions to be granted to access your data or other information on your computer, which I recommend that you do not allow. Google can »Never guarantee 100% security on any of its third-party add-ons, so you should be careful and reduce excessive access to your machine and data. ”
ADGuard has also posted tips on how to stay safe and these top tips should be taken note of.
How to protect yourself?
• Overall, personal hygiene guidelines in the Chrome Store have not changed since the last time I addressed this issue.
• If you’re going to install a browser extension, think again. Maybe you don’t really need it?
• Install extensions only from developers you trust.
• Don’t believe what you read in the extension description.
• Reading user reviews won’t help either. Most malicious extensions have great reviews and yet they are malicious.
• Don’t use Chrome Web Store internal search, follow links directly on websites of trusted developers.