Google Chrome Purges 32 Malicious Extensions To Combat Spam And Ads
32 malicious extensions, which had been downloaded 75 million times, have been eliminated by Google from the Chrome Web Store. These extensions had the potential to modify search results and promote spam or undesirable advertisements.
According to BleepingComputer, the plug-ins contained legitimate functionality to keep users unaware of the malicious activity delivered in obfuscated code.
While analyzing the PDF Toolbox extension (2 million downloads) available from the Chrome Web Store, cybersecurity researcher Wladimir Palant discovered code disguised as a legitimate API wrapper.
The researcher explained that the code allowed the “serasearchtop[.]com” domain to inject arbitrary JavaScript code into any website the user visited.
In addition, the report stated that opportunities for abuse range from adding ads to websites to stealing sensitive information.
However, the researcher did not detect any malicious activity, so the purpose of the code remained unknown.
The report indicated that the researcher also found that the code was set to activate 24 hours after the plugin was installed, which is typical for malicious purposes.
Meanwhile, Google has banned the notorious CryptBot malware, which the company claims stole data from hundreds of thousands of Chrome browser users over the past year.
According to the company, CryptBot is a type of malware often called an “infostealer” because it is designed to identify and steal sensitive information from victims’ computers, such as credentials, social media account logins, cryptocurrency wallets, and more.