Coleman Technologies Blog
Watch Out for Malicious Browser Extensions
How Do These Threats Work?
These attacks work similarly to how a phishing attack or a spoofed email would, as a user is promised one thing but winds up receiving something very different. While a malicious application may perform the task it claims to, it also may redirect the user to a phishing website or ad (making the cybercriminal some money) or simply steal some of the user’s information, like their birthday or email address.
In the case of these extensions, the code needed for several different malicious operations was present, including:
- Redirecting traffic to advertisements (falsely generating revenue)
- Redirecting traffic to phishing websites
- Collecting personal data
- Collecting browsing history
- Downloading additional malware onto a user’s device
Avast’s researchers believe that only the first code was actively utilized, generating ill-gotten revenue for the creators of these extensions. Regardless, these extensions should be removed from any systems on your business’ network that they may be installed on.
The impacted extensions are as follows:
Chrome
- App Phone for Instagram
- Direct Message for Instagram
- DM for Instagram
- Downloader for Instagram
- Invisible mode for Instagram Direct Message
- Odnoklassniki UnBlock. Works quickly.
- Spotify Music Downloader
- Stories for Instagram
- The New York Times News
- Universal Video Downloader
- Upload photo to Instagram™
- Video Downloader for FaceBook™
- Vimeo™ Video Downloader
- VK UnBlock. Works fast.
- Zoomer for Instagram and Facebook
Edge
- DM for Instagram
- Downloader for Instagram
- Instagram App with Direct Message DM
- Instagram Download Video & Image
- Pretty Kitty, The Cat Pet
- SoundCloud Music Downloader
- Stories for Instagram
- Universal Video Downloader
- Upload photo to Instagram™
- Video Downloader for FaceBook™
- Video Downloader for YouTube
- Vimeo™ Video Downloader
- Volume Controller
Again, we encourage you to check your company’s network to ensure that these extensions are not installed in any of your users’ browsers, and that you encourage your employees to do the same.
Not sure how to go about doing so? Coleman Technologies can help. As a managed service provider, our services include remotely monitoring your business’ technology and network for threats while keeping abreast of this kind of news so that we can proactively resolve any issues that may influence your operations.
Find out more today by reaching out to us at (604) 513-9428.
When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.
Comments