Cybersecurity researchers said Thursday that more than 1.3 million users were affected by threats hidden in browser extensions in the first half of 2022.
This figure represents more than 70% of the number of users affected by the same threat throughout 2021.
Kaspersky researchers have analyzed the risks that innocent-looking browser extensions pose to users and the activities of cybercriminals hiding threats under add-ons.
Mimicking popular applications such as Google Translator or extensions with useful features such as PDF Converter or Video Downloader, threats present in browser extensions can insert advertisements, collect data on users’ browsing history and even search login credentials.
“Even browser extensions that do not contain a malicious payload can be dangerous. For example, when the developers of these add-ons sell collected user data to other companies, potentially exposing their data to someone who does not wasn’t supposed to see them,” said Anton Ivanov, senior security researcher.
The most prevalent threat in the guise of browser extensions has been adware – unwanted software designed to display advertisements on the screen.
These advertisements are usually based on browsing history to capture users’ interest, embed banners in web pages or redirect them to affiliated pages from which developers can earn money, instead of ads legitimate search engines.
From January 2020 to June 2022, Kaspersky experts observed that more than 4.3 million unique users encountered adware hidden in browser extensions, which means that around 70% of all affected users encountered this threat.
Adware can track whatever the user searches for and then promote those products with affiliate ads on the search engine.
In 2020, Google removed 106 malicious browser extensions from its Chrome Web Store.
In total, these malicious extensions have been downloaded 32 million times, putting the data of millions of users at risk.
“However, this does not happen often, malicious add-ons are mostly distributed via third-party resources, the report states.
n / A/
(Only the title and image of this report may have been edited by Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)