HomeUncategorized400 Chrome Extensions Caught Stealing Private Data of 1.6 Million Users
400 Chrome Extensions Caught Stealing Private Data of 1.6 Million Users
February 16, 2020
Google removed 400 malicious Chrome extensions from its Web Store after they found to inject malicious ads .
These extensions were a part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019, although evidence points out the likelihood that the actor behind the scheme may are active since 2017. Upon sharing the invention privately with Google, the corporate went on to spot 430 more problematic browser extensions, all of which have since been deactivated
“The prominence of malvertising as an attack vector will still
rise as long as tracking-based advertising remains ubiquitous, and
particularly if users remain underserved by protection mechanisms,” said
Kaya and Duo Security’s Jacob Rickerd within the report.
A large portion of those are benign ad streams, resulting in ads like Macy’s, Dell, or Best Buy,” the report found. “Some of those ads might be considered legitimate; however, 60 to 70 percent of the time a redirect occurs, the ad streams reference a malicious site.
The Hacker Journal Recommends that do not add extensions that are not important for your privacy.