Millions of users affected by fake extensions
According to a Kaspersky study, millions of users have installed malicious extensions in the last two years. They indicate that 70% of these add-ons sneak adware into the victim’s system. This means that they deliver malicious advertisements and can track browsing, thereby compromising privacy. Only in the first half of this year, according to the report of Kaspersky shows that just over 1 million users have tried to install malicious extensions.
But what are the malicious extensions that try to sneak in the most? They are related to converters text documents to PDF and, in general, text file managers. They indicate that they can sneak a threat called WebSearch, which has affected more than 800,000 users this year. What it does is track users and sneak in affiliate links. It is also capable of changing the home page of the browser.
Another type of extensions widely used by hackers is for download videos from the internet. In this case, they usually sneak in an adware called AddScript. It runs in the background, without the victim’s knowledge, and can collect data, redirect the victim to certain pages, etc. It is also capable of injecting affiliate cookies.
They also use game cheats and run pirated software. This allows the attacker to slip in adware called DealPly, capable of changing the browser’s home page. Also, the main problem is that if the victim removes the extension, it is able to reinstall itself.
Therefore, as you can see, the extensions most used by attackers to steal information are related to PDF and text document readers and converters, video downloads and the use of video game cheats.
What to do to avoid problems
So what should we do to avoid these kinds of problems? Without a doubt, the most important thing is to download extensions only from official sources. Only use software that comes from official browser stores like Chrome or Firefox and avoid downloading from third party sites that may be scams.
It is also convenient to have security programs. A good antivirus will help detect malicious software of this type. If you accidentally download an add-on for Chrome or Firefox and it turns out to be a scam, your antivirus can help you remove it as soon as possible and prevent it from stealing data. There are even extensions to prevent Phishing attacks.
Another key point is to have the updated browser. In many cases, fake extensions will take advantage of a vulnerability that they can exploit. If you have updated software, you will prevent hackers from having an easy time achieving their goal. Therefore, try to always have the latest versions of Chrome, Firefox or the browser you use.
In short, as you can see there are some extensions or types of extensions that are more used to scam. It is important that you take steps to avoid problems and, in case you suspect that you may have a fake or problematic one, remove it as soon as possible.