Recent cybersecurity research revealed that millions of users are affected by malicious browser extensions. The study tallied nearly seven million users, of whom 70% were affected by obfuscated adware containing malicious ads.
The telemetry data collected showed a report of more than 1.3 million attempts by users to install malicious extensions in the first half of this year, implying that the attempts have increased compared to the last year’s results.
In addition, the security company that observed the adware have seen extensions that targeted over four million users from January 2020 to June this year. 70% of those extensions were hostile during those time.
Fortunately, experts have obstructed over six million users from downloading adware, malware, and riskware, threatening actors disguised as browser extensions.
Utility tools were the main target to spoof by the adware in their malicious browser extensions.
Separate security researchers spotted several related malicious browser extensions that targeted about 900,000 users this year. These extensions impersonate productivity tools, such as PDF to DOC converters and document merging apps to attract users effectively.
There is also social media-based malicious browser extension such as FB Stealer, which is one of the most hostile strains from its malware family. FB Stealer is adware endorsed by threat actors as a replacement for search engines and to harvest information from Facebook.
Furthermore, the AddScript adware extension was utilised by threat actors to attack about 150,00 unique users. This adware was found by researchers hiding in web browser extension scripts.
The other well-known adware family discovered on targeted devices using malicious extensions is called DealPly. DealPlay is an adware that caused infection attempts to approximately 97,000 users this year.
Unfortunately, reports revealed that the Websearch extension is unavailable in the Google Chrome Web Store.
Cybersecurity experts recommended that users should only use trustworthy sources to download software. They also advise users to review and thoroughly examine add-on extension requests before agreeing to its terms. Lastly, users should limit the number of extensions they utilise and constantly check it with competent security solutions.