If you use Google Chrome, listen up: You may be running malicious extensions without even knowing it. As reported by The Hacker News, cybersecurity researchers with Socket’s Threat Research Team have identified 108 extensions available in Google Chrome that steal login credentials, user IDs, and browsing data. All 108 extensions route that information back to servers controlled by a single operator, despite these extensions being published by five different developers (GameGen, InterAlt, Rodeo Games, SideGames, and Yana Project). These extensions collectively have around 20,000 installations, which isn’t a massive pool of targets considering Chrome’s 3.62 billion users, but is still a concern given the number of extensions involved in this coordinated scheme.
Socket’s team identified that there are some key categories these extensions are published under: Telegram sidebar clients, which display a working Telegram chat interface in the browser; slot machine and Keno games, which offer a playable gambling experience;
...Keep reading this article on Life Hacker.
