News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Warning! Malicious Browser Extensions

    Home Forums Code Red – Security/Privacy advisories Warning! Malicious Browser Extensions

    • This topic has 13 replies, 10 voices, and was last updated 2 months ago.
    Viewing 10 reply threads
    • Author
      Posts
      • #2320313
        Microfix
        AskWoody MVP

        The browsers in question are Google Chrome and MS Edge as reported by Sergiu Gatlan over on Bleeping Computer
        Discovered by an Avast malware researcher, Jan Rubín explains:

        “The extensions’ backdoors are well-hidden and the extensions only start to exhibit malicious behavior days after installation, which made it hard for any security software to discover,”

        the extensions in question are listed below

        • Direct Message for Instagram
        • Direct Message for Instagram™
        • DM for Instagram
        • Invisible mode for Instagram Direct Message
        • Downloader for Instagram (1,000,000+ users)
        • Instagram Download Video & Image
        • App Phone for Instagram
        • App Phone for Instagram
        • Stories for Instagram
        • Universal Video Downloader
        • Universal Video Downloader
        • Video Downloader for FaceBook™
        • Video Downloader for FaceBook™
        • Vimeo™ Video Downloader (500,000+ users)
        • Vimeo™ Video Downloader
        • Volume Controller
        • Zoomer for Instagram and FaceBook
        • VK UnBlock. Works fast.
        • Odnoklassniki UnBlock. Works quickly.
        • Upload photo to Instagram™
        • Spotify Music Downloader
        • Stories for Instagram
        • Upload photo to Instagram™
        • Pretty Kitty, The Cat Pet
        • Video Downloader for YouTube
        • SoundCloud Music Downloader
        • The New York Times News
        • Instagram App with Direct Message DM

        Course of action:
        1. Either disable or uninstall if you have any of them on your system
        (the later being the safer IMO)
        2. Then run a full up-to-date AV/ malware scan.

        More info in above link

        6 users thanked author for this post.
      • #2320430
        OscarCP
        AskWoody Plus

        I just checked by clicking on the “Extensions” icon in Chrome and only found four, all familiar to me, because I have installed them myself, and none of those in the list. Is there some other way where I could find if there are any more in some so far unexplored nook, or cranny of Chrome?

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

        • #2320434
          Microfix
          AskWoody MVP

          @OscarCP, If your chosen/installed extensions don’t match up to any on the above list in the original thread post, there’s nothing to worry about.

          2 users thanked author for this post.
      • #2320438
        Geo
        AskWoody Plus

        I wonder if Firefox will be affected?

        • This reply was modified 2 months, 3 weeks ago by Geo.
        • #2322537
          KP
          AskWoody Plus

          I am a Firefox ESR user and I only use Mozilla Firefox Recommended Extensions.

          Open the Firefox Menu, Add-ons; there is a trophy icon for the Firefox Recommended Extensions.

           

      • #2320577
        anonymous
        Guest

        So Downloader for Instagram extension could be the reason I was logged out of Instagram and stopped me from logging back in a few days ago. I had to change the password to access it. I thought how strange. I’ve just uninstalled the extension.

      • #2320690
        doriel
        AskWoody Lounger

        Bad news is, that something average user trusts (it contains “Instagram”, or “Vimeo” registered trademark for example) has backdoors.
        There should be some validation process before enabling extension to be available.

        Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 1809 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        • #2320728
          Ascaris
          AskWoody_MVP

          There should be some validation process before enabling extension to be available.

          It’s not really feasible to do that. There are too many extensions and not enough resources to review every one of them (every update would have to be evaluated). Firefox has tried to do that by requiring them to be signed, and there are some that are considered “trusted” and are listed as recommended, but it doesn’t mean the ones that are not recommended are bad.

          The flip side of requiring addons to be validated is that you’d be denying browser users the ability to make their own choices about addons, and only letting them choose from the relatively few that are “officially” recommended. There was a lot of anger and annoyance when Mozilla first introduced the addon signing thing, which (in typical Mozilla form) started as optional, and was then made mandatory. At some level, you’re taking a leap of faith any time you run any code you didn’t personally write (from the system firmware to the microcode in the CPU to the OS and the applications).

          Group "L" (KDE Neon Linux 5.21.2 User Edition)

          2 users thanked author for this post.
      • #2320762
        Alex5723
        AskWoody Plus

        It’s not really feasible to do that

        Yes, it is. Apple does that for the ‘billion’ apps in app store.

      • #2321077
        anonymous
        Guest

        Browser extensions are usually useful, sometimes fun — and occasionally dangerous.

        That’s the case for at least 28 browser extensions analyzed by Avast Threat Intelligence researchers

        more info from avast

      • #2321493
        WSeikelein
        AskWoody Plus

        Firefox YES,
        Everything else NO.
        Many hundreds of customers over the years, by far most of them “computer illiterate” (in their own words). Every single one of them gets installed Firefox with
        “uBlock origin”, ‘WOT – Web Of Trust” and “Facebook Disconnect”.

        AND: If a web sire does not work well with/in Firefox I tell my customers to NOT USE THIS WEB SITE instead of using Chrome or any of the other browsers.
        Works 99.99% of the time.

        I don’t recall anymore when and how I learned that Google can’t keep their extensions store clean – plus I don’t want to feed the by now probably biggest information gathering machine.

        • This reply was modified 2 months, 2 weeks ago by WSeikelein. Reason: Typo
        • #2321914
          doriel
          AskWoody Lounger

          plus I don’t want to feed the by now probably biggest information gathering machine.

          Well then abandon Windows. Firefox has fairly strong support on Linux distros, it should be the main playground for FF. And by the way I really like Vivaldi browser. Check its website here
          There are some bugs, but its improving everyday. If I submit discovered bug to its forum, developpers are listening to what I say. Its very pleasant experience.

          Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 1809 Enterprise

          HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

      • #2321565
        Northwest Rick
        AskWoody Lounger

        Google Chrome, MS Edge…  what are those?

        Give me a robust FF (heart of the Rebel Alliance) with a Brave back (when the snapping alligators teeming in the moat I have built around FF simply refuse to let something run…  good on FF and those crocks!)

      • #2321919
        anonymous
        Guest

        Thank you,  I have checked and found none of these but thanks for the heads up

        Joe M.

      • #2322593
        WSeikelein
        AskWoody Plus

        Well then abandon Windows

        doriel,
        I wish I could. I love my Linux Lite system. That was the distro I settled on when I was looking for something easy to transition to coming from Windows. Remember what my customers said about themselves?

        But the vast majority of my customers “naturally” run Windows, so I must have it and “know” it. How else could I help them?

        And despite my advanced years the additional income is highly appreciated by my wife and me.

        1 user thanked author for this post.
        • #2325254
          doriel
          AskWoody Lounger

          I understand.

          But the vast majority of my customers “naturally” run Windows, so I must have it and “know” it. How else could I help them?

          Im caught in that situation too.

          Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 1809 Enterprise

          HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

    Viewing 10 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Warning! Malicious Browser Extensions

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.