Some Google Chrome add-ons have been found to contain malicious code and you could be affected.

 

Google Chrome is arguably the most secure browser available for use. Hackers have found a way to inconspicuously bypass that security by making fun and harmless looking extensions and offering them up as free Google Chrome add-ons.

Recently, trouble with an extension named “Tiempo en Colombia en vivo” came to my attention. This malicious add-on is written in a way that as soon as you encounter it on a webpage the script runs a force install, effectively blocking you from exiting the webpage you are on until it’s downloaded and then, once downloaded, it would prevent users from removing it by redirecting them from the page they’d need to visit in order to remove the extension.

It was also available for a time directly downloadable from the Chrome app store.

What kind of intent this particular add-on had is unclear. One of the people that tested it found that once this sneaky extension made its way onto a computer it would click on dozens of YouTube videos. That doesn’t seem too forbidding in and of itself, but this action could easily be masking a more sinister application. It just seems silly that someone would write such a sophisticated code just for some video views.

Either way, once the extension had taken root, the only way it was found possible to remove the downloaded add-on from a hijacked computer was by running antivirus software.

This is not the only malicious extension out there; far from it. A representative at Google reported to Ars Technica that, “Security is a core tenet of Chrome and the browser automatically blocks over one thousand malicious or abusive extensions per month.” That means that hackers are continually writing code and trying to get past Google’s security so that they can get to you. Some of them are succeeding, so you need to stay alert.

Here’s what you can do to protect yourself:

  • If you don’t know how to remove extensions, how to research a developer, where to read the comments about the extension, and how to research the title, avoid adding extensions to Chrome until you do. Tech support can be expensive, better to take precaution and not install the add-ons if you’re uncomfortable than to potentially infect your computer inadvertently.

 

  • As always, run your antivirus software regularly. There are multiple ways for a computer to become infected, so it’s important to stay vigilant against attack. You won’t always catch everything though, so let your antivirus do its job, update it whenever there’s an update available and run the software frequently, or at least once a month.

 

  • If you did happen to download a malicious extension and realize your mistake after the fact, don’t be embarrassed and put off contacting someone for help; that malicious code could possibly cause irreparable harm.

 

  • Educate yourself regarding antivirus software and how to avoid forced Chrome extension installs by reading the blog posts linked below.

Read about our antivirus recommendations here:  https://rhynonetworks.com/antivirus-101-why-we-use-eset-and-think-that-you-should-too/

Read about how to avoid forced Chrome extension installs here:  https://rhynonetworks.com/how-to-free-yourself-from-webpages-with-circular-pop-ups/

As always, if you have any concerns, give us a call here at RHYNO Networks. (855) 749-6648