Malicious Extensions

Czech Internet security giant Avast found out on December 16th that around 3 million people all over the world have been infected with malware spread through third-party browser extensions for Instagram, Facebook, and Vimeo among others.

As of now, Google Chrome and Microsoft Edge appear to be the affected browsers. Google and Microsoft are extensively investigating the issue, but the 28 fake extensions continue to be available on the Chrome Web Store and Microsoft Edge Add-ons portals. Of these malicious extensions, 15 reside on Google Chrome and 13 on Microsoft Edge.

How does the malware work?

The malware works by hijacking the URL. Every time you click on a new link, the attacker tracks it, then automatically redirects you to a URL of their choosing instead of the one you intended to visit.

The incentive here is purely monetary: redirecting users to ads and phishing sites would yield a steady stream of income, considering the number of unsuspecting users being redirected.

Risk of data leaks

The malware is not limited to generating ad revenue; it is capable of collecting user data as well. It has been reported that these fake extensions can collect the user’s date of birth, email address, device information, first sign-in time, latest login time, browser used, and even the IP address. These data points, once put together, have the potential to reveal a user’s geographical location.

Though these fake extensions were only recently discovered, some of them have been active since December 2018. It is believed that the attackers wait for the extension to become popular and then introduce the malware via an update. It is also possible that the original extension developer sold it to someone else, who subsequently introduced the malware.

List of extensions affected on Google Chrome and Microsoft Edge:

  1. Direct Message for Instagram
  2. Direct Message for Instagram™
  3. DM for Instagram
  4. Invisible mode for Instagram Direct Message
  5. Downloader for Instagram
  6. Instagram Download Video & Image
  7. App Phone for Instagram
  8. App Phone for Instagram
  9. Stories for Instagram
  10. Universal Video Downloader
  11. Universal Video Downloader
  12. Video Downloader for FaceBook™
  13. Video Downloader for FaceBook™
  14. Vimeo™ Video Downloader
  15. Vimeo™ Video Downloader
  16. Volume Controller
  17. Zoomer for Instagram and FaceBook
  18. VK UnBlock. Works fast.
  19. Odnoklassniki UnBlock. Works quickly.
  20. Upload photo to Instagram™
  21. Spotify Music Downloader
  22. Stories for Instagram
  23. Upload photo to Instagram™
  24. Pretty Kitty, The Cat Pet
  25. Video Downloader for YouTube
  26. SoundCloud Music Downloader
  27. The New York Times News
  28. Instagram App with Direct Message DM
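To check a machine against the list above, the following added example (not code from Avast or from this article) walks a Chromium-style `Extensions` directory and reports installed extensions whose display name matches a listed name. It assumes the usual on-disk layout `<Extensions>/<extension id>/<version>/manifest.json`, and the caller supplies the path to the profile's `Extensions` folder.

```python
import json
import re
import sys
from pathlib import Path

# Names copied from the article's list (duplicate entries folded together).
LISTED = """Direct Message for Instagram|DM for Instagram|Downloader for Instagram|
Invisible mode for Instagram Direct Message|Instagram Download Video & Image|
App Phone for Instagram|Stories for Instagram|Universal Video Downloader|
Video Downloader for FaceBook™|Vimeo™ Video Downloader|Volume Controller|
Zoomer for Instagram and FaceBook|VK UnBlock. Works fast.|Upload photo to Instagram™|
Odnoklassniki UnBlock. Works quickly.|Spotify Music Downloader|Pretty Kitty, The Cat Pet|
Video Downloader for YouTube|SoundCloud Music Downloader|The New York Times News|
Instagram App with Direct Message DM"""

def norm(name):
    """Casefold, drop trademark signs and collapse whitespace before comparing."""
    return re.sub(r"\s+", " ", name.replace("™", "")).strip().casefold()
LISTED_NAMES = {norm(n) for n in LISTED.split("|")}

def display_name(ext_dir, manifest):
    """Return the manifest name, resolving a __MSG_key__ locale placeholder."""
    name = str(manifest.get("name", ""))
    m = re.fullmatch(r"__MSG_(\w+)__", name)
    if not m:
        return name
    try:
        path = ext_dir / "_locales" / str(manifest.get("default_locale", "en")) / "messages.json"
        raw = json.loads(path.read_text(encoding="utf-8-sig"))
        msgs = {k.casefold(): v for k, v in raw.items()}  # keys are case-insensitive
        return str(msgs[m.group(1).casefold()]["message"])
    except (OSError, ValueError, AttributeError, KeyError, TypeError):
        return name

def scan(extensions_root):
    """Return sorted (extension_id, version, name) tuples whose name is listed."""
    hits = []
    for mf in Path(extensions_root).glob("*/*/manifest.json"):
        try:
            manifest = json.loads(mf.read_text(encoding="utf-8-sig"))
            name = display_name(mf.parent, manifest)
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or not strict JSON: skipped, review by hand
        if norm(name) in LISTED_NAMES:
            hits.append((mf.parent.parent.name, mf.parent.name, name))
    return sorted(hits)

if __name__ == "__main__":
    for hit in scan(sys.argv[1]):
        print(*hit, sep="\t")
```

The article lists names only, so a hit is a triage lead rather than proof: an unrelated extension can carry the same name, and a renamed malicious one will not match.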


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.