A Brief Guide to Help You Avoid Malicious Browser Extensions

There are dozens of Internet browsers on the market. They are typically all free and when they come stock, are pretty much all the same. Most of the most popular ones come with an app store where users can download useful apps to make their experience better. Unfortunately, there are times that malicious code gets in there. Security firm Avast recently found 28 third-party extensions that are extraordinarily popular that had malicious code found in them.

How Do Browser Extension Threats Work?

These attacks work in much the same fashion as a phishing attack or spoof would. The user is promised something but winds up infected. The software that is downloaded might perform the task as advertised, but it may also redirect users to a malicious ad or website, or simply siphon data from the browser.

In the extensions found to have malignant code, Avast found code that was:

The company’s researchers believe that the first code was the one actively used. It generated fraudulent revenue for the creators of these extensions. If they haven’t been removed already, they should be removed immediately by your IT admin to avoid data theft.

Here is a complete list:

Chrome

Edge

Check your company’s network to see if any of these are being actively utilized and block them immediately.

If you need help to keep control over your IT, call the IT professionals at Business Solutions & Software Group today at (954) 575-3992. Our experts can help you maintain and manage your software to ensure that you won’t have to deal with malicious software in the future.