Delete these browser extensions! Popular downloads hiding malware

December 17, 2020

By Kim Komando

We’re all looking for ways to be more productive and make getting things done easier. Apps on your devices are a great way to accomplish almost anything you put your mind to. When you’re working on a computer, you’ll want to add browser extensions for the same type of results.

Browser extensions can give you quick access to things like translation, currency conversion or screen captures. Third-party software makers often develop these extensions, and that has recently been causing security issues. Tap or click here to find out about security for browser extensions.

In fact, several extensions were recently caught hiding malware. If you are using any of these malicious extensions, you’re putting your personal information and banking details at risk.

Remove these browser extension

Digital security company Avast said that it recently discovered more than 20 malicious extensions, harboring malware when used with Google Chrome and Microsoft Edge browsers. Installing and activating an infected extension can put your computer’s security at risk and expose your information.

The malicious extensions redirect your PC’s internet traffic to advertising or phishing websites. Unaware users could inadvertently supply the scammers with all their personal information or banking details.

If you make use of any extension listed below, we suggest that you deactivate and remove it from your browser immediately.

Most of the extensions are related to downloading content from YouTube, Instagram or Spotify, while others plug into Facebook or Vimeo.

Under normal circumstances, an antivirus or malware application would detect the malicious code in the extensions. For the ones listed, the authors of the code found a sneaky way around it.

RELATED: Watch out! Cybercriminals are now targeting your browser extensions

Your antivirus might not detect the threat

Avast speculated that the malware only starts to infect the browser a couple of days after installed, which explains why it remains undetected by antivirus software.

“Our hypothesis is that either the extensions were deliberately created with the malware built-in, or the author waited for the extensions to become popular, and then pushed an update containing the malware,” explained Jan Rubín, Malware Researcher at Avast.

Rubín continued: “It could also be that the author sold the original extensions to someone else after creating them, and then the buyer introduced the malware afterward.”

RELATED: 100+ Chrome extensions caught spying – delete them now

How to protect against malicious extensions

To protect yourself from malware, make sure that your antivirus software is up to date and that Microsoft’s Defender is activated on your system if you use a Windows PC. There are several things to look out for in the Chrome Web Store to ensure your online safety. Here are a few suggestions:

Authenticate creator

Where possible, only download and activate extensions from developers or creators that you know or trust. One example of this is Google, as it develops its own extensions. It is much safer to grab them from the official source.

Check the reviews and ratings

Always check what other users are saying about an extension. Add-ons with low star-ratings or negative reviews will not serve you well.

Number of downloads

Together with the above-mentioned reviews and star-ratings, the number of downloads should also be factored in. An extension with a low number of downloads but a high rating should be treated with caution.

https://www.komando.com/tips/cybersecurity/malicious-browser-extensions/