More than 100 fake extensions detected in the Chrome store take over sessions
More than 100 fake Chrome extensions, which have been identified since February 2024, seize users sessions, steal their identity information and inject advertising to the browsers.
Fake Chrome extensions threaten users
According to the findings of the Domaintools Intelligence (DTI) team, a large number of extensions have been released in the Chrome Web Store since February 2024, which seem to be apparently harmless, but has serious security risks in the background.
Malicious extensions get excessive permits
Malicious add -ons, manifest.json files give them extensive permissions.
They spread by imitating legitimate services
The distribution of extensions is carried out through fake websites that mimic known services such as Deepseek, Manus, Debank, Fortivpn and Site Stats.
Facebook tools may also be used
The DTI team thinks that attackers also use social media platforms to direct users to fake extensions.
Google took action, users are warned
The malicious extensions identified have been removed from the Chrome Web Store by Google.
The risk of manipulation continues
According to Domaintools' findings, some extensions direct users who give low scores to special feedback forms to manipulate user scoring, while directing high scorers directly to the Chrome Store.
Kaynak: CUMHA - CUMHUR HABER AJANSI
What's Your Reaction?
Like
0
Dislike
0
Love
0
Funny
0
Angry
0
Sad
0
Wow
0
