fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Malicious Chrome, Edge Extensions With 3M Installs Still In Stores

Malicious Chrome, Edge Extensions With 3M Installs Still In Stores

Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users’ info and redirecting them to phishing sites.

The malware-laced extensions found by Avast Threat Intelligence researchers are designed to look like helper add-ons for Instagram, Facebook, Vimeo, and other high-profile online platforms.

Malicious activity going back at least two years

While Avast spotted the extensions in November 2020, they estimate that they could have been used for malicious purposes for years given that some Chrome Web Store reviewers have reported link hijacking starting with December 2018.

Malicious code for delivering additional malware payloads on the users’ systems was also detected by Avast researchers.

“Anytime a user clicks on a link, the extensions send information about the click to the attacker’s control server, which can optionally send a command to redirect the victim from the real link target to a new hijacked URL before later redirecting them to the actual website they wanted to visit,” the report says.

“The actors also exfiltrate and collect the user’s birth dates, email addresses, and device information, including first sign in time, last login time, name of the device, operating system, used browser and its version, even IP addresses (which could be used to find the approximate geographical location history of the user).”

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

The end goal of the threat actors behind these web browser extensions is focused on monetizing the users’ traffic by automatically redirecting them to third-party domains.

However, as already mentioned above, these extensions are also able to redirect infected targets to sites filled with ads or used as phishing landing pages.

Hard to spot malicious activity

“The extensions’ backdoors are well-hidden and the extensions only start to exhibit malicious behavior days after installation, which made it hard for any security software to discover,” Avast malware researcher Jan Rubín explained.

Since it can hide, the malware injected within the extensions has made it a lot harder for both researchers and infected users.

Among the tactics used to evade detection, the malware will monitor what the victims search and will not activate if they are looking for info on one of its domains.

It will also avoid infecting web developers who have the knowledge to spot it and examine the extensions’ malicious background activity.

The full list of malicious Chrome and Edge extensions found by Avast, some of them still available for download, can be found below.

• Direct Message for Instagram
• 
Direct Message for Instagram™
• 
DM for Instagram
• 
Invisible mode for Instagram Direct Message
• 
Downloader for Instagram (1,000,000+ users)
• Instagram Download Video & Image
• 
App Phone for Instagram
• 
App Phone for Instagram
• 
Stories for Instagram
• 
Universal Video Downloader
• 
Universal Video Downloader
• 
Video Downloader for FaceBook™
• 
Video Downloader for FaceBook™
• 
Vimeo™ Video Downloader (500,000+ users)
• Vimeo™ Video Downloader
• 
Volume Controller
• 
Zoomer for Instagram and FaceBook
• 
VK UnBlock. Works fast.
• 
Odnoklassniki UnBlock. Works quickly.
• 
Upload photo to Instagram™
• 
Spotify Music Downloader
• 
Stories for Instagram
• 
Upload photo to Instagram™
• 
Pretty Kitty, The Cat Pet
• 
Video Downloader for YouTube
• 
SoundCloud Music Downloader
• 
The New York Times News
• 
Instagram App with Direct Message DM

“Our hypothesis is that either the extensions were deliberately created with the malware built-in, or the author waited for the extensions to become popular, and then pushed an update containing the malware,” Avast malware researcher Jan Rubín concluded.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

“It could also be that the author sold the original extensions to someone else after creating them, and then the buyer introduced the malware afterward.”

Both Microsoft and Google are currently looking into Avasy’s findings but, until they are removed, users should disable or uninstall the extensions and then scan for any malware infections.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us