New Delhi, Aug 18 : Researchers in cyber-security said on Thursday that over 1.3 million internet users had been impacted by threats that were hidden in browser extensions in the first half of 2022. The figure is more than 70% of the total number of users who will be affected by this threat through 2021.
Kaspersky researchers examined the threats innocent-looking browser extensions can expose users to and the actions of cybercriminals who hide malware under extensions.
Imitating popular applications such as Google Translator or extensions with useful functions such as YouTube Downloader or PDF Converter, the threats in browser extensions could insert advertisements, gather data about browsing history of users and even look for login credentials.
“Even browser add-ons that do not contain malware could be risky.
For instance, if the creators of these add-ons sell information about users to other companies and expose their personal information to people who were not supposed to have access to the information,” said Anton Ivanov, senior security researcher.
The most prominent threat that has been spread under the disguise of browser extensions is adsware, a malicious program created to display ads in the display.
These advertisements are typically made based on browsing history of the user to capture’ attention, and embed banners in websites or redirect users to affiliate websites that developers can make money from as an alternative to the use of authentic search engine advertisements.
From January 2020 until June 2022, Kaspersky researchers discovered that over 4.3 million users who were afflicted by ads hidden in browser extensions.This is roughly 70 percent of the affected users have experienced this danger.
Adware tracks everything the user is searching for and advertise these items with advertisements that are affiliate-based on the search engines.
In 2020 Google took down 106 browser extensions that were malicious from the Chrome Web Store.
In all, these malicious extensions were downloaded over 32 million times, which put the personal information of millions of users at risk.
“However this doesn’t occur often, and the primary method of distribution of malicious add-ons is through third-party resources, according to the report.
na/
.
