Last Update: June 05, 2023, 08:03 AM IST
Google is ready to address spam and unwanted ads.
Google has removed 32 malicious extensions totaling 75 million downloads from the Chrome Web Store that can alter search results and push spam or unwanted ads.
Google has removed 32 malicious extensions totaling 75 million downloads from the Chrome Web Store that can alter search results and push spam or unwanted ads.
According to BleepingComputer, the extension contained legitimate functionality, delivered in obfuscated code, to keep users unaware of the malicious behavior.
In an analysis of the PDF Toolbox extension (2 million downloads) available from the Chrome Web Store, cyber security researcher Vladimir Palant found code that was disguised as a valid API wrapper.
The researcher explained that the code “serasearchtop[.]com” domain to inject arbitrary JavaScript code into any website visited by the user.
Furthermore, the report states that the potential for abuse ranges from inserting advertisements into webpages to stealing sensitive information.
However, the researchers did not see any malicious activity, so the purpose of the code remained unknown.
The researchers also found that the code was set to activate 24 hours after the extension was installed, which is typical for malicious intent, as noted in the report.
Meanwhile, Google has blocked the infamous CryptBot malware, which the company claims stole data from hundreds of thousands of Chrome browser users over the past year.
According to the company, CryptBot is a type of malware often referred to as an ‘infostealer’ because it is designed to identify and steal sensitive information from victims’ computers such as authentication credentials, social media account logins, cryptocurrency wallets, and more. is designed for.
(This story has not been edited by News18 staff and is published from a syndicated news agency feed – IANS,