These 34 Google Chrome Extensions may steal your credit card info — delete 'em before you're toast
The Google Chrome Web Store is the most popular destination for extensions, which lets users to extend the functionality of their browsers. For example, the Teleparty extension lets me host a Netflix party with friends, allowing us to watch the same show or movie simultaneously.
However, according to a new report from Kaspersky, you may want to be careful about what you download on the Chrome Web Store. Cybersecurity researchers discovered that the search-engine giant was inadvertently hosting over 30 malicious Chrome Extensions in the popular online store.
34 malicious Chrome Extensions invaded the Web Store
The malicious Chrome extensions were uploaded to the Chrome Web Store in 2021 and 2022. In other words, these extensions were sitting the Web Store for at least six months before cybersecurity researchers stepped in to analyze them for the aforementioned Kaspersky report.
Many of them are ad blockers and VPNs; take a look at the list below:
Autoskip for Youtube
Soundboost
Crystal Adblock
Brisk VPN
Clipboard Helper
Maxi Refresher
Quick Translation
Easyview Reader view
PDF Toolbox
Epsilon Ad blocker
Craft Cursors
Alfablocker ad blocker
Zoom Plus
Base Image Downloader
Clickish fun cursors
Cursor-A custom cursor
Amazing Dark Mode
Maximum Color Changer for Youtube
Awesome Auto Refresh
Venus Adblock
Adblock Dragon
Readl Reader mode
Volume Frenzy
Image download center
Font Customizer
Easy Undo Closed Tabs
Screence screen recorder
OneCleaner
Repeat button
Leap Video Downloader
Tap Image Downloader
Qspeed Video Speed Controller
HyperVolume
Light picture-in-picture
Fortunately, Google took them all down, but Kaspersky noted that it took two big-name cybersecurity firms, including itself, before the search engine giant took action to remove these malicious Chrome Extensions.
Among some of the reviews, there were complaints from users about the extensions swapping out addresses in search results with adware links, but according to Kaspersky, "ordinary users' complaints generally go unheeded."
What can these malicious extensions do?
Kaspersky said that browser extensions are breeding grounds for malicious cybercriminal activity because users give them high-level access. Most browser plugins ask your permission to read and change your data on all websites. In other words, ill-intentioned actors can see everything you do and follow all the sites you visit. Plus, they can change the contents of any page.
As such, malicious browser extensions can do the following
Track your activity to collect and sell information about you
Steal card details and account credentials
Embed ads in web pages
Substitute links in search results
Replace the browser's home page with an advertising link
What's worse is that a browser extension may play an innocent game at first, but with the owner's command, it can transform into a malicious plugin.
How did these malicious Chrome Extensions get caught?
A Chrome extension named PDF Toolbox alarmed cybersecurity investigator Vladimir Palant when he, upon close inspection, discovered a suspicious extraneous functionality. It had the ability to access a site that "loaded arbitrary code on all pages viewed by the user," according to the Kaspersky report.
Interestingly, PDF Toolbox has a large user page, good reviews, two million downloads, and an average score of 4.2.
This deceptive Chrome extension impelled Palant to see if there were any more infected plugins hiding out in the Web Store, and of course, he found plenty — an additional 33 to be exact.
How to delete a Chrome Extension
Kaspersky said that Google's moderators do an awful job at vetting the security and safety of the extensions that it hosts in the Google Chrome Web Store. If you're concerned about an extension you currently have installed, here are the steps you can take to remove it:
1. Click on the the triple-dot Settings icon
2. Go to Extensions.
3. Click on Manage Extensions.
Here, you can click Remove on any suspicious extensions you feel have malicious intent.