Muscat – Kaspersky researchers have analyzed the risks posed to users by innocent-looking browser extensions and the activities of cybercriminals hiding threats under add-ons.
In the first half of 2022, more than 4,000 users were affected by threats, hiding in browser extensions, at least once, representing more than 19% of the number of users affected by the same threat while throughout 2021 – with yet another half of the year to go.
Mimicking popular applications, such as Google Translator or extensions with useful features such as PDF Converter or Video Downloader, threats in browser extensions can insert advertisements, collect data on users’ browsing histories and even search for login credentials, making it one of the most sought-after tools. for cybercriminals.
Since the start of 2020, Kaspersky products have prevented around 6 million users from downloading threats disguised as browser extensions. The most prevalent threat in the guise of browser extensions has been adware – unwanted software designed to deliver on-screen advertisements. These advertisements are usually based on browsing history to capture users’ interest, embed banners in web pages or redirect them to affiliated pages from which developers can earn money, instead of ads legitimate search engines.
From January 2020 to June 2022, Kaspersky experts observed that more than 11,000 unique users encountered adware hidden in browser extensions, which means that around 84% of all affected users encountered this threat .
“Even browser extensions that do not contain a malicious payload can be dangerous – for example, when the developers of these add-ons sell collected user data to other companies, potentially exposing their data to someone who does not wasn’t supposed to see them. Users may wonder if it’s worth downloading browser extensions when they can contain so many threats. I’m an active user of browser extensions myself and think that add-ons enhance the online experience.
“Some extensions can even make devices much more secure, for example password managers. It is much more important to keep an eye on the reputation and reliability of the developer and the permissions requested by the extension. If you follow the recommendations for safe use of browser extensions, the chances of encountering threats will be minimal,” said Anton V Ivanov, Senior Security Researcher.
To protect against threats hidden in browser extensions, it is recommended to use trusted sources to download software. Malware and unwanted applications are often distributed through third party resources where no one will check their security like official online stores.
These apps can install malicious or unwanted browser extensions without the user’s knowledge and can perform other malicious activities. Extensions add additional functionality to browsers and require access to various resources and permissions, for which careful consideration of requests is required.