Google has recently intervened removing from its web store about 500 extensions for the Chrome browser which turned out to be malignant in nature. This result came after a two-month internal investigation work.
These Chrome browser extensions operated maliciously by injecting malicious advertisements during user browsing sessionsis. This code was activated under specific conditions of use, redirecting users to specific sites.
Not everything seemed unfounded in the eyes of users: in some cases the destination sites were perfectly lawful, however introducing an affiliate code that enriched the creator of the Chrome extension. In other cases, however, the landing page led to the download of malware or to a page specially developed to undertake a phishing activity.
It is unclear how many users have downloaded and usedover 500 Chrome browser extensions removed by Google as they become infected over time. Easy to estimate that the order of magnitude is that of millions of users.
Speaking about extensions, Google has banned them from the store and automatically deactivated them within each browser that installed them. Not only that: the extension has been marked as malicious, further indication for users that something was wrong.
