Malicious Chrome Extensions Insert Ads into Search Results

While the Google’s Chrome browser is appreciated for giving best browser experience, its Chrome Webstore is vested with malicious extension often. These extensions somehow sneak through Google’s tests and show up on millions of browsers sometimes. And here, a new campaign discovered by AdGuard is such incident.

OK, Google, what one should do to help you remove malware from @googlechrome Web Store? https://t.co/mjE0a100ft — Andrey Meshkov (@ay_meshkov) August 4, 2020 AdGuard, an ad-blocking solutions company has reported a malicious campaign happening through Chrome Web store, where about 295 extensions were allegedly hijacking the browsers to insert ads in search results. Out of total 295, 245 extensions were of basic utility purposes like for applying custom background in the “New Tab” page. And the rest were of something like weather forecast widgets or screenshot capture functions. All these extensions are loading a malicious code from fly-analytics.com domain, which would further be used for injecting ads into the search results of Google or Bing. While most of the extensions were still available till this morning, Google started removing them gradually. Further, the AdGuard report also blamed Google moderators for allowing copycat extensions and clone apps which could leverage the brand’s popularity to perform fraud or cookie stuffing activities. Though Google disables all those extensions from users browsers, they need to be uninstalled manually by users. The complete list of all those malicious extensions are available on ZDNet’s post.

Malicious Extensions in Chrome Web store Has Infected Over 80 Million Users - 46