View Full Version : Google's Chrome Web store is now used to spread malware

04-01-2012, 09:54 AM
Chrome browser extensions secretly hijacking users' Facebook profiles.


According to Kaspersky, you have to be careful installing Google Chrome extensions, as some of them could hijack your personal data.

According to Kaspersky Lab expert Fabio Assolini, crooks have found another way to hijack your user info. Now, the official Google Chrome Web Store recently store some browser extensions that can secretly gain control to the users' Facebook profiles.

One malicious extension hosted on Google's own servers contained hidden code that "can gain complete control" of the user's Facebook profile. The extension then used that access to spread malicious messages and register Facebook Likes for certain items, also inviting fellow users to install it. The same operators advertised a service that delivered Likes of companies looking to promote their profiles. It costs about $27 per 1,000 Likes.

The company distributing this malicious extension was unnamed in the report as was the specific app. Assolini said Google personnel removed the malicious extension shortly after Kaspersky reported it to them. "But we noted the bad guys behind this malicious scheme are uploading new extensions regularly, in a cat and mouse game," he warned. He didn't elaborate on the number of extensions or how long he's been observing them other than to say the malicious app Kaspersky discovered had 932 users.

So, if you use Chrome, you'll now have to be very careful before installing an extension.

NEWS SOURCE: http://arstechnica.com/business/news/2012/03/googles-chome-web-store-used-to-spread-malware.ars

Our thanks to 'Gauss' for this news story!

04-01-2012, 10:19 AM
why the hell not just publish the name and developers of this crap to warn people?