IT Security Outsourced IT

Chrome Extension Threats

What are Chrome Extension Threats?

Google Chrome extensions are available in the Google Chrom store, and they small pieces of software that perform functions or add features to a browser client. Malicious extensions in Google Chrome can be used by cyberattackers remotely in order to steal sensitive personal information, commit fraud, mine cryptocurrency, modify cookies, steal cookies, launch DDoS attacks, and more. Cloud9 is browser botnet that is a remote access trojan (RAT), allowing the cyberattacker to remotely execute commands. The Cloud9 extension is not available in the official Chrome store, but has been spreading through websites that push fake Adobe Flash Player updates. The following tips can help you to protect yourself from malicious Google Chrome extensions:

Before Installation

Before installing an extension, consider doing the following:

  • Visit the developer’s website to confirm that it is a legitimate extension and that the extension is updated regularly
  • Read the description and look for signs that it may be suspicious, such as data sharing and tracking info
  • Read the reviews, looking for complaints about odd occurrences, speculation about data being taken, and fake reviews

During installation

When installing an extension, consider doing the following:

  • Be sure that the extension is needed and that it is worth the security risk that results from expanding the attack surface
  • Be sure that the extensions comes from a trusts source that thoroughly reviews extensions for malicious content
  • Use antivirus protection that can detect and neutralize malicious code in browser extensions
  • Review permissions to be sure that extensions only have permissions to perform tasks that are necessary for its functionality. Examples of permissions that extensions may require include downloads, desktop capture, cookies, bookmarks, VPN provider, video capture, USB, tab capture, proxy, privacy, history, audio capture, browsing data, and content settings.

After installation

  • Review the extensions that are already installed in Google Chrome by clicking the three dots to the right of the address bar, selecting “more tools”, and then selecting “extensions”
  • Delete and investigate any unrecognized or unused browser extensions
  • Reassess the necessity of the extensions that you already have to be sure that the functions and features that they are the best tools currently available