Up to 3 million devices infected by malware-laced Chrome and Edge add-ons

by
Dan Goodin
from Ars Technica - All content on (#5BR3A)
web-browser-800x600.jpg

Enlarge (credit: Getty Images)

As many as 3 million people have been infected by Chrome and Edge browser extensions that steal personal data and redirect users to ad or phishing sites, a security firm said on Wednesday.

In all, researchers from Prague-based Avast said they found 28 extensions for the Google Chrome and Microsoft Edge browsers that contained malware. The add-ons billed themselves as a way to download pictures, videos, or other content from sites including Facebook, Instagram, Vimeo, and Spotify. At the time this post went live, some, but not all, of the malicious extensions remained available for download from Google and Microsoft.

Avast researchers found malicious code in the JavaScript-based extensions that allows them to download malware onto an infected computer. In a post, the researchers wrote:

Read 7 remaining paragraphs | Comments

index?i=Ea0KTjTnG0g:8fJgws-arEc:V_sGLiPB index?i=Ea0KTjTnG0g:8fJgws-arEc:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments