Popular Chrome extensions hijacked by hackers in widespread cyberattack — 3.2 million at risk

When you buy through links on our articles, Future and its syndication partners may earn a commission.
Just like you should with the apps on your phone, you also want to periodically go through your browser extensions and check to see which ones you have installed and what permissions you've given them access to. The reason for this is that you could have a malicious extension (or even several) installed in your web browser and not even know it.
As reported by Notebookcheck, a number of popular extensions that enable things like dark mode and adblocking in Google's browser have been hijacked by hackers, putting 3.2 million Chrome users at risk.
Although a malicious extension might not sound as dangerous as a malicious app on your phone, we store all sorts of personal and sensitive data in our browsers. From our browsing history and cookies to passwords and even payment information, all of this data can be stolen and used against us by hackers in their attacks.
Here's everything you need to know about this latest batch of malicious extensions along with some tips and tricks on how you can protect your devices and your data.
As is often the case with campaigns like this one, all of the malicious extensions in question are utilities designed to improve your browsing experience. From add-ons for YouTube to emoji keyboards and adblockers, each one of these extensions likely seemed useful enough that the Chrome users who installed them didn't think twice before doing so.
One thing that did stand out to the security researchers at GitLab Threat Intelligence that discovered these malicious extensions though is the permissions they requested access to. For instance, all of these extensions use permissions that allow them to interact with any website a user visits but they also let them inject and execute code on web pages.
While all of the extensions listed below have since been removed from the Chrome Web Store, you will still need to manually delete them if they're currently installed in your browser:
Blipshot (one click full page screenshots)
Emojis - Emoji Keyboard
WAToolkit
Color Changer for YouTube
Video Effects for YouTube and Audio Enhancer
Themes for Chrome and YouTube™ Picture in Picture
Mike Adblock für Chrome | Chrome-Werbeblocker
Page Refresh
Wistia Video Downloader
Super Dark Mode
Emoji Keyboard Emojis for Chrome
Adblocker for Chrome - NoAds
Adblock for You
Adblock for Chrome
Nimble Capture
KProxy
Normally with malicious extensions or apps, they're made from the ground up with the sole purpose of stealing data and their advertised functionality is an afterthought or just tacked on so that they can be listed in an official store. With the extensions above though, this wasn't the case at all.
Instead, these were actual, legitimate extensions that went bad as a result of having malicious updates injected into them. The way in which the hackers gained control over these extensions is also a bit different.
While some of their developers fell victim to phishing attacks which led to their extensions being outright hijacked, others willingly transferred control of their extensions over to the hackers behind this campaign.
So what was the purpose behind gaining control of these extensions in the first place? Well, some were used to inject harmful scripts into the browsers of unsuspecting users, others stole their data and some engaged in search engine fraud to drive clicks (and ad revenue) to hacker-controlled sites.
If you have any of these extensions installed in Chrome, you should remove them immediately and use one of the best antivirus software solutions to scan your computer for signs of malware or other viruses.
In a similar way to how plug-ins can enhance your favorite software, browser extensions can make using the web more more convenient while also giving you the ability to customize certain aspects of your favorite sites.
The problem though is that few browser extensions aren't as big or as popular as the apps on your smartphone. In fact, many extensions are made by solo developers or smaller companies which can make it more difficult to tell whether or not they are legitimate. This is why you want to carefully examine all of the permissions an extension requests access to before installing it and especially before granting access to them.
Unnecessary permissions can be found in loads of extensions and apps which is why you need to ask yourself if this particular extension or software really needs access to them in the first place. The permissions an extension requests can also serve as a major red flag and help you decide whether or not it's malicious.
Reading reviews and looking at ratings can help weed out the bad ones but you also want to take both of these with a grain of salt since they can be faked. It may be difficult to find but it's always a good idea to look for an external review — or better yet a video review — on an extension you want to install first before you add it to your browser.
As I covered in the campaign described above, even good extensions can go bad which is why you should periodically audit which extensions you have installed in your browser. If you haven't used a particular extension in some time, it's better to remove it from your browser than to keep it installed. Likewise, by limiting the number of extensions you have installed, you can lower your chances of having a malicious one in your browser significantly.
Whether its extensions or apps, hackers and other cybercriminals aren't going to stop spreading malicious software anytime soon. This is why it's up to you to practice good cyber hygiene, limit how many you have installed and think carefully when granting a particular extension or app access to the permissions it requests upon installation.
Billions of Chrome users at risk from new browser-hijacking Syncjacking attack
Thousands of WordPress sites hijacked to spread Windows and Mac malware
More than 3.3 million people hit by employee screening data hack — what you need to know

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Gizmodo

3 hours ago

• Gizmodo

Say Goodbye to YouTube Ads Forever: Here's the VPN Trick You Need

Without YouTube Premium, you're doomed to watch ads every few minutes, sometimes more often. If you're exhausted by head-spinning ads, consider purchasing a YouTube Premium subscription. Sensible, right? Well, not for everyone. YouTube Premium's recent price increases made it unaffordable for many. People online have found a simpler way to block YouTube ads. You wouldn't believe it, but these two VPNs make YouTube ads vanish in seconds! NordVPN and Surfshark are renowned for their reliability. They provide exceptional privacy, streaming prowess, and compatibility with all devices. While both VPNs include ad blockers, they've become ineffective in blocking YouTube ads. Well, that's what most people thought. Namely, when you use NordVPN or Surfshark and connect to a server in Albania, YouTube ads suddenly disappear. Having tested the trick, we realised it's true. You may be wondering how this works. Avoid YouTube Ads With NordVPN As many people there have reported, YouTube doesn't display ads in Albania. Simultaneously, NordVPN and Surfshark work like all other VPNs. They allow you to connect to a remote server and use its IP address. Given these VPNs' strong presence in Albania, connecting to an associated server is a breeze. With the Albanian IP address, users can overcome YouTube ads and enjoy an experience similar to what YouTube Premium provides. Things like adding videos to the queue and playing videos with the screen off aren't there. At least, you won't notice any ads, allowing for uninterrupted entertainment on all devices. While YouTube is a big part of our lives, splurging on a VPN gives you much more. Watching YouTube without ads is just a speck in the universe of possibilities. One of them is very popular, and it's bypassing geo-blocks. NordVPN and Surfshark are particularly effective at streaming and unblocking many websites. They offer over 100 locations globally, with modern 10 Gbps servers and fast protocols to enable industry-leading speeds. Many people latch onto torrenting as a perk. Both VPNs are equipped with optimised servers for P2P. In addition, they provide MultiHop (Double VPN) capabilities for double the encryption and more security and privacy. All-around VPNs like these are fantastic for gaming, and you can even enable them on public WiFi networks for added protection. If you're an avid traveller, more privacy and ad-free YouTube enjoyment sounds exciting. No bandwidth limits mean endless possibilities, but more importantly, you don't need wealth to get them. NordVPN and Surfshark cost pennies these days, so you don't have to ditch your summer vacation for their subscriptions. Try Surfshark risk-free today

Tom's Guide

13 hours ago

• Tom's Guide

7 Apple TV 4K settings to change now for the best results

The Apple TV 4K is one of the best streaming devices, and it just got a big update at WWDC that will take tvOS to new heights. As much as we like it, however, it's still not a perfect system right out of the box. There are a few settings you might want to consider changing for optimal performance. Luckily, Apple has made it pretty easy to sift through the settings on this device, with many of the options we need right in the Video and Audio section. Here's which ones you need to change, and which ones you can leave alone. Let's start with the most obvious setting: Video Format. This might surprise you, but I usually recommend setting this to 4K SDR. Once this is set properly, you don't have to see that annoying black flash when content switches from SDR to HDR formats. It's pretty prevalent on YouTube and other platforms, and it might make you think there's a problem with the device. Thus, it's best to keep the main video format to 4K SDR (or 1080p SDR if you aren't using a 4K TV). This won't diminish quality by any means. In fact, it could make menus and other content that's being force-converted into HDR look a little better. Chroma subsampling refers to the way color is transmitted via compressed video data, and in the case of the Apple TV 4K, you have a couple options to choose from depending on the TV that you're using. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. Chroma 4:4:4 is the way to go if your TV supports it and if you're using an applicable HDMI cable. Switching to 4:4:4 essentially gives you access to the full color array and will make menus a bit more vibrant. You'd be hard-pressed to see any noticeable changes in general content, though. You also might have to change your HDR settings first before you can get the full benefits of any chroma tweaks (and this setting will revert back to 4:2:0 if you adjust video output at all). Unfortunately, my TV only supports Chroma 4:2:2, but it's better than 4:2:0 — even if the latter is largely favored for its increased reliability. If you do run into any signal failures, like flickering or black screens, you can always switch back to 4:2:0, which I'd recommend if you're using an overly long HDMI cable or one of the best projectors. The HDMI setting on the Apple TV 4K controls the color space in digital video content, which goes hand-in-hand with chroma and brightness. There's really no need to change this setting unless it's not already set to YCbCr. You will have three total options to choose from, including RGB High, RGB Low, and the aforementioned YCbCr. The latter is your best bet to obtain the best possible performance on the Apple TV 4K, whereas RGB might be better if you were running a different type of device. You could also consider RGB High or Low if you were using one of the best monitors with your Apple TV 4K, but I'm not sure there's a huge audience for that. There are also some TVs that might look slightly better with RGB enabled, but for our purposes we're going to stick with YCbCr. Right below the chroma setting you'll find the "Match Content" setting, which will allow the Apple TV 4K to automatically switch from SDR to HDR and from 24Hz to 30Hz depending on what's playing on the screen. Thus, you'll want to enable both Range and Frame Rate. Once enabled, you don't have to worry if your device is setup correctly for when a Dolby Vision movie is playing at 24Hz. The Apple TV 4K will simply set itself to the right settings to get that crisp cinematic feel without any extra fiddling on your part. "Range" in this case not only refers to HDR, but also other factors like motion clarity. It largely depends on the content you're watching, but it's highly recommended to change this right out of the box. At the bottom of the Video and Audio section, you'll find all the audio settings we need to change. From here, you can set it so that your audio output will play from other connected speakers if you'd like, or just rely on the TV speakers if you'd prefer that. You can also check to see if your TV has any surround sound functionality built into it under the Audio Format section. Given that the Samsung S90D OLED TV I'm using has Dolby Atmos support, it's listed among available formats, but most users should just leave it set to Auto. There are also a few other notable settings here that you could tweak, like Enhance Dialogue and Reduce Loud Sounds. As their names suggest, they amplify and diminish certain audio cues to make audio sound slightly better. I'd recommend Enhance Dialogue above all else, but this comes down to user preference. Lastly, I recommend turning off Navigation Clicks. It doesn't offer too much aside from noisy feedback when you move about the menus. One extra setting I would change is the clickpad functionality. This is another preference thing, so don't feel it's an obligation. Still, this can get pretty annoying — most especially if you have Navigation Clicks enabled in the Audio tab. Better to just keep it to Clicks Only as it just makes navigation so much more fluid. While you're here, you can also change the TV Button to the Home Screen if you'd prefer that over jumping into Apple TV Plus. It would be cool if Apple let you set this to any application, but makes sense it's just Home or Apple TV Plus in this case. Also scroll to the bottom and turn on the CEC functionality, which is titled as just "Control TVs and Receivers." This allows you to use a single remote instead of two so you're not stuck rummaging for multiple remotes when it's time for a movie or show. Last but not least, there are a few settings in the General section that you may want to consider changing. A big one is the appearance. I immediately changed this to Dark Mode, which I find to be easier on my eyes, but you might prefer it in the Light setting. You can also adjust how long it takes before the Apple TV goes into sleep mode. It's set to 15 minutes on default, but this can be as short as 5 minutes or as long as 4 hours. You could set it to "Never" so the Apple TV never goes to sleep, but your energy bill might not be too happy. In General, you'll also find some notable Privacy settings: Although the Apple TV 4K is still the best streaming box when it comes to privacy, a couple settings are important here, like Share Apple TV analytics, Improve Siri & Dictation, and Location services. You could turn these off you'd prefer, but they do help Apple improve its products. Make sure you enable "Allow Apple to Ask to Track" in the "Track" setting. This ensures apps must ask you to track data after they're installed, making it harder for certain brands to use your data against you. You can go down the list and see which apps are using data from various features, like Bluetooth, Photos, Microphone, and Camera. It's a good habit to keep an eye on this, especially if you have kids who might not be so inclined to read want they're opting into at any given moment.

Android Authority

13 hours ago

• Android Authority

This new Chrome feature has forever changed the way I shop online

Ryan Haines / Android Authority As an avid runner in the middle of marathon training, I go through a lot of shoes — like, a lot of shoes. When averaging 50 miles per week, I can burn through a pair in a little over a month, and then it's time to treat myself. That said, I'm not made of money. I can't just run out and pay full price every time I need fresh foam under my feet. So, I have to be careful about looking for deals and spending wisely. And now, a new Chrome extension has made that easier than ever. Here's how. Chrome keeps tabs on my tabs for me Ryan Haines / Android Authority The idea of an extension to track product prices in a web browser is nothing new. My colleague Rita praised the popular Amazon tracker CamelCamelCamel when she asked me if I'd tried Google's version. At the time, I hadn't given Google's shopping insights a shot yet, but I'd used (and liked) the version that Microsoft introduced to Edge a while back. The only problem is that I mostly work on a MacBook Air, and the last thing I need is a third browser kicking around. When I found out that Google had added a similar feature to Chrome, which I use across my Android phone of the week and my laptop, I was ready to try it out. And, as it turns out, the setup process couldn't be more straightforward — open a product page, tap the Track Price button, and wait to see how it fluctuates over time. Naturally, I took it as a sign to monitor about half a dozen running shoes. I always liked Edge's shopping insights, but they're much more useful on Chrome... because I actually use it. See, right now, I'm in the market for a faster daily trainer that I can use for a few workouts. That means a relatively new launch like the Adidas AdiZero Evo SL, New Balance Rebel v5, or the Asics Novablast 5. So, I opened all their product pages, added the Skechers Aero Spark for good measure, and set up my price tracking reminders. At this point, I've only been following my selected footwear for about a week, so there hasn't been much movement. That said, a few of the shoes — the Evo SL and the Aero Spark — have been on the market for long enough that they've gained pricing history. I can slide along a timeline for both shoes, noting when they've been discounted and hoping for new deals. Would you use a Google-based shopping tracker? 0 votes Yes, I use shopping insights in Chrome already NaN % No, I use another shopping tracker NaN % No, I'm not interested NaN % Different tasks for different screens Ryan Haines / Android Authority As an elder member of Gen-Z, I've reserved different screens in my life for different purposes — or rather, purchases. Basically, the more important the product, the bigger the screen I have to buy it on. Surprisingly, it seems like Google feels the same way. For me, price tracking on my phone is mainly reserved for monitoring how much something will cost. I probably won't go through the checkout process on my Pixel, but I'll always know what I'm about to pay. With Google's price tracking in Chrome, that's perfectly fine. If you have tracked products open in other tabs, whenever you go to the Switch Tabs menu, you'll see a quick pricing badge pop up, indicating either a price increase or decrease that you can reference quickly. When you're ready to buy, it seems like Google would rather you switch to a medium screen like a Chromebook or Windows laptop. I say so because instead of throwing out price change badges, Chrome for desktop offers discount badges. When you see one, you can easily copy and paste the discount code to your cart, taking some guesswork from checking sites like RetailMeNot or SimplyCodes. I've yet to see one of these coveted discount codes, though, probably because I'm looking for relatively new running shoes. Also, as expected, Google treats iOS and iPadOS like Android in terms of shopping insights. Both platforms get price alerts and easy history tracking over discounts, which is helpful for research purposes before you open the same tab on your laptop to finish the job. How much tracking is too much? Ryan Haines / Android Authority Unfortunately, though, I think Google's shopping insights are sometimes a bit too focused. In this extended running shoe example that you're probably tired of reading about — as are many of my friends — it's pretty clear that I've narrowed down which models I'm interested in. However, I'm not nearly as picky when it comes to colors, so I've just been setting up tracking notifications for the first colorway that pops up. Sometimes it's fine, like the Novablast 5 that defaulted to an easy-to-wear beige I won't mind dirtying up. Other times, it's not so easy. I opened the product page for the Adidas Evo SL in a bright yellow colorway — think as neon as a middle school boy would wear — and set up notifications right away. At first, I thought nothing of it, figuring Chrome would also track the other colorways on Adidas's website. I was wrong. At least with shoes, when you set up notifications for one colorway, that's all you get — and only from that site. I would much prefer to know if another colorway dropped so I could consider it, or even be sent to another retailer, but that's not how Google rolls right now. And, with how I carefully research before buying, it looks like I'll have two dozen tracking insights set up before I buy a new pair of shoes. Is that too many? Yes, probably, but at least I know I'll get the best price along the way.