Google Chrome users have been urged to remove 16 browser extensions found to pose security risks, potentially leading to fraud and data theft.
The Google malware warnings from GitLab Threat Intelligence, found the malware infecting more than 3.2 million users.
The extensions in question, which include screen capture tools, ad blockers, and emoji keyboards, were originally valid; they later became corrupted by malicious updates.
These extensions, once installed and allowed to run, would insert malicious code into browsers and allow hackers to pilfer details on users and control revenue on search engine ads, according to Tom’s Guide.
According to tech site Notebook Check, the attack was first triggered when developer accounts accidentally relinquished control of their extensions to attackers, who then deployed malicious updates through official extension stores.
The compromised extensions include:
- Blipshot
- Emojis (Emoji Keyboard)
- Colour Changer for YouTube
- Video Effects for YouTube and Audio Enhancer
- Themes for Chrome and YouTube Picture in Picture
- Mike Adblock für Chrome
- Super Dark Mode
- Emoji Keyboard Emojis for Chrome
- Adblocker for Chrome (NoAds)
- Adblock for You
- Adblock for Chrome
- Nimble Capture
- KProxy
- Page Refresh
- Wistia Video Downloader
- WAToolkit
Although these extensions are no longer available on the Chrome Web Store, users with them installed will need to delete them manually to reduce security risks.
Experts recommend running antivirus scans to detect any potential malware or viruses that may have compromised affected devices.
