Beware of these extensions in Chrome and Edge browsers, they can steal your data, Cybersecurity researchers have uncovered a massive campaign of search results embezzlement. Its propagation vector is a collection of free extensions for Chrome and Edge browsers that are initially used to customize the appearance of websites.
A researcher uncovered a campaign that used free Google and Microsoft browser extensions to install malware. According to the analyst, the technique used is simple and effective. Perhaps this is the reason why several million computers are affected.
Guardio, a security software publisher, discovered this campaign and dubbed it “Dormant Colors.” This is propagated by browser color customization plugins. The first step is to offer a download or video that interests the visitor. By clicking on the appropriate link, it is redirected to a window that hides the requested page. Hackers think that it is necessary to install an extension (which is virtually harmless and therefore undetectable by an antivirus) to access the site.
Hackers use Chrome and Edge extensions to make ad revenue
Once installed, the Internet user is redirected back to sites that inject malicious plug-in scripts. The latter serves to hijack search results. If the query conditions meet certain criteria, the browser will be redirected to a site full of affiliate links. Thus, every click on one of these links earns money from hackers. In order to maximize profits, cybercriminals have created thirty different types of malicious extensions. Their browser hijacking campaign will not target at least 10,000 sites.
If the hackers seem to have content themselves with stealing clicks and time from Internet users, they can go further: Idle Colors also allows them to collect personal data from visitors for resale. This opens the door to any kind of cybercrime: identity theft, account theft, or even ransomware.
Guardia researchers say this malware is potentially more destructive. According to experts, this campaign is still going on. Hackers are constantly developing “idle colors” to escape the vigilance of security software. As security experts say, “Any extension that makes a site dark and ugly is not worth the risk.” You can find the list of malicious extensions on the website Bleeping Computer.