• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Thursday, May 22, 2025
  • Login
  • Register
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home Tech

Google Removes 32 Malicious Chrome Extensions with Over 75 Million Installs from Web Store

by Sneha Singh
June 6, 2023
in Tech
Reading Time: 3 mins read
0
Google
TwitterWhatsappLinkedin

The commitment of Google to combat malicious software expands beyond its Play Store, as evidenced by its recent removal of 32 harmful extensions from the Chrome Web Store. With a cumulative installation count exceeding 75 million, these extensions had successfully infiltrated users’ browsers.

You might also like

Google Introduces Beam AI for Lifelike 3D Video Transformation

Paramount Faces Political Firestorm Over Possible Trump Lawsuit Settlement

Intel Considers Selling Network and Edge Units Amid Strategic Overhaul Under New CEO

Reports from BleepingComputer shed light on the deceptive techniques employed by these malicious extensions. By camouflaging their hidden code within seemingly harmless functionalities, they managed to evade detection by unsuspecting users. This tactic allowed the extensions to operate undetected while carrying out their intended functions, effectively bypassing security measures.

Renowned cybersecurity researcher Wladimir Palant contributed significantly to uncovering the threat’s extent. During his investigation, he encountered obfuscated code in the PDF Toolbox extension for Google Chrome. Despite the extension boasting a commendable Chrome Web Store rating of 4.2 and amassing over 2 million users, Palant’s analysis revealed the presence of potentially harmful elements within the code.

Delving deeper into the issue, Palant’s findings revealed a startling revelation. The hidden code within the PDF Toolbox extension enabled the website “serasearchtop[.]com” to inject arbitrary JavaScript code into websites visited by users with the extension installed. Intriguingly, this code was programmed to activate 24 hours after installation, suggesting its primary purpose was to inject unwanted advertisements.

Google Removes 32 Malicious Chrome Extensions with Over 75 Million Installs from Web Store
Credits: TechRadar

Concerns about Installation Numbers and Potential Manipulation

Building upon his initial discovery, Palant expanded his investigation to uncover 18 additional browser extensions that employed similar malicious code. Remarkably, these compromised extensions collectively accumulated a vast user base of 55 million. Among the affected extensions was Autoskip for YouTube, catering to a staggering 9 million active users, Soundboost, with 6.9 million users; and Crystal Ad Block, with 6.8 million users. These alarming statistics are a stark reminder of the widespread impact caused by these malicious extensions.

The incidents surrounding these malicious extensions emphasize the importance of implementing comprehensive security measures to safeguard users’ online experiences. Google’s swift action in removing the compromised extensions from the Chrome Web Store is a testament to its commitment to user safety. As users, it is crucial to remain vigilant and exercise caution when installing browser extensions, ensuring their legitimacy and adhering to best practices for online security.

After confirming the presence of malicious code, Avast promptly reported the compromised extensions to Google. The cybersecurity giant’s investigation expanded to uncover additional similar extensions, ultimately reaching 32 identified threats. These extensions had collectively amassed a staggering 75 million installations.

However, Avast cautioned that while the number of installs is undeniably high, it is possible that these figures were artificially inflated. This suspicion arises from the remarkably low number of reviews accompanying these extensions on the Chrome Web Store. Additionally, Avast noted a discrepancy between the number of people who encountered the malicious activity and the reported number of installs. These anomalies raise questions about the potential manipulation of the installation figures.

The Swift Response of Google to Protect Users

While the true scope of the impact remains uncertain, it is evident that these malicious extensions posed a significant threat to a substantial user base. This incident further underscores the need for robust security measures and vigilance in the digital landscape.

Following a thorough investigation, Avast has determined that the compromised extensions’ ultimate objective revolves around adware distribution. The malicious code deployed by these extensions inundates users with intrusive and unwanted advertisements. Moreover, the extensions include a search results hijacker feature, which manipulates search queries to display sponsored links, paid search results, and potentially harmful links.

In response to these security concerns, Google promptly removed the reported extensions from the Chrome Web Store. However, it is essential for users who still have these extensions installed to take proactive measures. To mitigate the risks associated with the compromised extensions, individuals are advised to deactivate or uninstall them promptly.

Users should remain cautious when installing browser extensions and regularly review and assess the permissions and functionality of the extensions they employ. These extensions’ identified adware and search-hijacking capabilities highlight the significance of maintaining a vigilant approach to online security. By staying proactive and adopting best security practices, individuals can help protect themselves from potential threats lurking in the digital landscape.

Tags: 32 malicious appsGooglegoogle ban appsGoogle ChromePlay Store
Tweet54SendShare15
Previous Post

Twitter Co-Founder Jack Dorsey Endorses Robert F. Kennedy Jr. for US President

Next Post

UBS Set to Finalize Acquisition of Credit Suisse by June 12

Sneha Singh

Sneha is a skilled writer with a passion for uncovering the latest stories and breaking news. She has written for a variety of publications, covering topics ranging from politics and business to entertainment and sports.

Recommended For You

Google Introduces Beam AI for Lifelike 3D Video Transformation

by Sneha Singh
May 22, 2025
0
Google Introduces Beam AI for Lifelike 3D Video Transformation

Google has unveiled the wraps off its latest communication tech at the Google I/O 2025 conference, renaming its test Project Starline "Beam" – an advanced 3D video platform...

Read more

Paramount Faces Political Firestorm Over Possible Trump Lawsuit Settlement

by Harikrishnan A
May 22, 2025
0
Paramount Faces Political Firestorm Over Possible Trump Lawsuit Settlement

Three senior U.S. senators are raising red flags over media giant Paramount Global’s ongoing legal entanglement with President Donald Trump, warning that a settlement in his $20 billion...

Read more

Intel Considers Selling Network and Edge Units Amid Strategic Overhaul Under New CEO

by Harikrishnan A
May 22, 2025
0
Pentagon Halts $2.5 Billion Chip Grant to Intel,

In a significant pivot that could reshape Intel’s future, the tech giant is quietly weighing whether to sell off its network and edge computing business units. The move...

Read more
Next Post
Moody's downgrades outlook for UBS following Credit Suisse acquisition

UBS Set to Finalize Acquisition of Credit Suisse by June 12

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at [email protected]

Advertise With Us

Reach out at - [email protected]

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook flipkart funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News NFT samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2024 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2024 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?