Rogue Chrome Extensions Hit Users

Wednesday, February 5, 2014 @ 05:02 PM gHale


Google just removed two ad-injecting Chrome extensions from the Chrome Web Store, but there may be more, researchers said.

Security researchers from Barracuda Labs have been monitoring rogue Chrome extensions since October 2012. A new spam campaign they’ve been observing over the past few weeks involves 12 Chrome extensions designed to inject ads on 44 popular sites.


Over 180,000 users have installed the extensions disguised as Logo Quiz, Counter Strike Portable, Pac Man, Snail Bob 2, Angry Halloween, Pong, Smart Soccer and other popular games.

The 12 rogue applications had been on the Chrome Web Store until at least January 30.

These extensions request permission to access website data, tabs and browsing activity. That way, when the victim visits a certain site, the extension injects ads into the page. Each time the ads are displayed or clicked, the developer of the rogue Chrome extensions makes a certain amount of money.

Researchers said the same group that developed ad-injecting extensions disguised as the Angry Birds game back in 2012 is responsible for this campaign. However, at the time, they operated under the name playook.info, while now they go by konplayer.com.

“As we always advised, Chrome users should be very careful if you intend to install Chrome extensions — even if it is from the Google Chrome web store. Use some common sense to judge whether you need to grant permissions to any extensions. If any of the permissions seem beyond the fence of what it should do, do not install it,” Barracuda Labs researchers said in a blog post.
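
One way to apply that permission check when reviewing an extension, as an added example that is not from Barracuda Labs or the original article: it reads an extension's `manifest.json` and flags the access described above (data on all websites, tabs and browsing activity). The sample manifests and the sets of flagged patterns are constructed assumptions for illustration.

```python
import json

# Host patterns that grant access to page data on every site.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions that expose tabs and browsing activity.
ACTIVITY_APIS = {"tabs", "webNavigation", "history"}

def audit_manifest(manifest_text):
    """Return a list of findings for one extension's manifest.json text."""
    m = json.loads(manifest_text)
    declared = set()
    for key in ("permissions", "optional_permissions", "host_permissions"):
        declared.update(p for p in m.get(key, []) if isinstance(p, str))
    # Content scripts run inside every page matching these patterns.
    script_hosts = set()
    for cs in m.get("content_scripts", []):
        script_hosts.update(cs.get("matches", []))
    findings = []
    broad = sorted((declared | script_hosts) & BROAD_HOSTS)
    if broad:
        findings.append("all-sites access: " + ", ".join(broad))
    apis = sorted(declared & ACTIVITY_APIS)
    if apis:
        findings.append("browsing-activity APIs: " + ", ".join(apis))
    if script_hosts & BROAD_HOSTS:
        findings.append("content script runs on every page")
    return findings

# Constructed sample manifests (not taken from any real extension).
SAMPLE_GAME = json.dumps({
    "manifest_version": 2, "name": "Sample Arcade Game", "version": "1.0",
    "permissions": ["tabs", "http://*/*", "https://*/*"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}],
})
SAMPLE_BENIGN = json.dumps({
    "manifest_version": 2, "name": "Sample Offline Game", "version": "1.0",
    "permissions": ["storage"],
})

if __name__ == "__main__":
    for text in (SAMPLE_GAME, SAMPLE_BENIGN):
        name = json.loads(text)["name"]
        print(name, "->", audit_manifest(text) or "no broad permissions")
```

A simple game that produces any of these findings is asking for more than it needs, which is the mismatch the researchers advise users to look for.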


