A few days ago, foreign security companies disclosed that there are many malicious extensions in the Google Chrome Web Store. These malicious extensions have multiple functions to steal user privacy.
It is worth noting that these extensions have been downloaded 32 million times, which means that a large number of users worldwide have been attacked.
Unlike most spam extensions, the main purpose of these malicious extensions is to steal privacy, and will not rely on hijacking access to earn rebates or play advertisements.
Therefore, the developers behind it are clearly targeted for the purpose. Unfortunately, the developer information of these malicious extension families has not yet been clarified.
With the development of the Internet, more and more of our work is done through the browser, such as checking emails, writing documents, and reporting information in the company system.
Although deploying an HTTPS encrypted connection can prevent man-in-the-middle attacks from stealing data, browser extensions can steal information directly from the browser.
For example, these malicious extensions collect user access history, forms, and account passwords, cookies and may even initiate a screenshot function to return screenshots.
Therefore, after installing these malicious extensions, any key information can be intercepted and used by the attacker at any time.
The security issue with extensions has been seen in Google Chrome several times before, usually, after external security companies detected it and notified Google to delete it.
According to the process, developers who want to publish their own extensions need to submit to Google for review. Only after Google reviews and ensures there are no problems, they can publish.
However, a large number of Google-approved extensions appear in the Google Chrome store, but users also believe that downloading extensions from the Chrome Web Store is certainly safe enough.