Secure Annex, a cybersecurity platform specializing in monitoring and analyzing browser extensions, has uncovered a series of potentially malicious Chrome extensions. The 57 pinned extensions have a total of six million users.
Extensions capable of spying on you
As John Tuckner, the researcher behind the discovery, explains, the extensions request abusive permissions. Thanks to these permissions, the extensions can spy on what users are viewing through the browser or suck up browsing cookies. Furthermore, the researcher found evidence showing that the extensions send the collected information remotely. The extension can also change the search engine used in the browser without your consent. This operation opens the door to the manipulation of search results.
Worse, the extension is capable of loading and executing code from an external server on the web pages you visit. Finally, the extension code is riddled with obfuscation techniques. In short, the developers have done everything to prevent the code from being easily readable. This is a classic technique for hiding malicious features. Despite his investigations, the researcher has not found any evidence that the extensions steal user passwords or cookies.
The list of 57 Chrome extensions to uninstall
These are essentially confidential extensions. In short, they are not available on the Chrome Web Store and are not indexed by search engines. To install them, you must have a download URL. These are mostly extensions reserved for the professional world, often linked to internal company software. They are not available for download to all Internet users. Many companies "deliver their software through unlisted extensions," says John Tuckner. Without further ado, here's the complete list of extensions you should uninstall from your browser:
- Fire Shield Chrome Safety
- Safe Search for Chrome™
- Fire Shield Extension Protection
- Browser Checkup for Chrome by Doctor
- Protecto for Chrome™
- Unbiased Search by Protecto
- Securify Your Browser
- Web Privacy Assistant
- Securify Kid Protection
- Bing Search by Securify
- Browse Securely for Chrome™
- Better Browse by SecurySearch
- Check My Permissions for Chrome
- Website Safety for Chrome
- MultiSearch for Chrome™
- Global search for Chrome™
- Map Search for Chrome™
- Watch Tower Overview
- Incognito Shield for Chrome™
- In Site Search for Chrome™
- Privacy Guard for Chrome™
- Yahoo Search by Ghost
- Private Search for Chrome™
- Total Safety for Chrome™
- Data Shield for Chrome
- Browser WatchDog for Chrome
- Incognito Search for Chrome™
- Web Results for Chrome™
- Cuponomia – Coupon and Cashback
- Securify for Chrome™
- Securify Advanced Web Protection
- News Search for Chrome™
- SecuryBrowse for Chrome™
- Browse Securely for Chrome™
- Choose Your Search
- Browsing Protection by Web Defender
- Web Defender – Search Securely
- New Tab by Securify
- Safe Internet by Securify
- Yahoo Search by Securify
- Incognito Web for Chrome™
- Secure Surf for Chrome
- Safe Tab by Securify
- Custom Tab for Chrome™
- Site Safety for Chrome
- Web Control for Chrome™
- All News Search by Securify
- Shopping Results for Chrome™
- Defender Extension by Securify
Nevertheless, several of the extensions pinned by Secure Annex were public. Some of the extensions were available on the Chrome Web Store. Alerted by the researcher, Google banned some of the extensions from its platform. Several potentially malicious extensions are still on the store, however, regrets John Tuckner.
For our part, we only found one extension from the list on the Chrome Web Store, namely Browser Checkup for Chrome by Doctor. Questioned by Bleeping Computer, Google assures that it has opened an investigation into the extensions identified. If you have installed one of these extensions, it is important to remove it immediately. As a precaution, we recommend changing your online account passwords, especially those related to email, banking, and social media.
Source: Secure Annex
0 Comments