Wednesday 20 October 2021
- Advertisement -
HomeEducationCybersecurity agency warns users about Google Chrome extensions

Cybersecurity agency warns users about Google Chrome extensions

The cybersecurity agency advised Internet users to only install extensions which are absolutely needed and refer user reviews before doing so


The Computer Emergency Response Team of India (CERT-In) has advised users to exercise caution while installing Google Chrome extensions. The company said that it removed over 100 malicious extensions after they were found collecting sensitive user data. CERT-In also said that it found these extensions contained code to bypass Google Chrome’s Web store security scans. CERT-In comes under the Ministry of Electronics and and deals with cybersecurity threats.

Also read: Chinese hackers attacked Indian sites 40,300 times in 5 days

The malicious extensions had the ability to take screenshots, read the clipboard, harvest authentication cookies or grab user keystrokes to read passwords and other confidential information, said the agency.

“It has been reported that Google has removed 106 extensions of the Google Chrome browser from the chrome web store which were found collecting sensitive user data,” the agency said in the advisory.

Also read: Apps with Chinese connection banned in India: TikTok, UC Browser, 57 others

“These extensions reportedly posed as tools to improve web searches, convert files between different formats as security scanners and more,” it added. The federal cybersecurity agency suggested users to uninstall Google Chrome extensions with IDs given in the IOCs section.

Users can visit the chrome extensions page and subsequently enable developer mode to see if they have installed any of the malicious extensions and then remove them from their browsers, it said.

Last month, researchers had said that spyware effort attacked users through 32 million downloads of extensions to Google’s Chrome web browser. Google had said that it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers.

Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.

In January this year, Google had all the commercial extensions in the wake of a significant increase in the number of fraudulent transactions that aim to exploit users.

Malicious developers have been using Google’s Chrome Store as a conduit for a long time.

The agency advised users to only install extensions which are absolutely needed and refer user reviews before doing so. They should uninstall extensions which are not in use, it said, adding that users should not install extensions from unverified sources.

Sirf News needs to recruit journalists in large numbers to increase the volume of its reports and articles to at least 100 a day, which will make us mainstream, which is necessary to challenge the anti-India discourse by established media houses. Besides there are monthly liabilities like the subscription fees of news agencies, the cost of a dedicated server, office maintenance, marketing expenses, etc. Donation is our only source of income. Please serve the cause of the nation by donating generously.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisment -