Researchers at cybersecurity firm Radware warn of rogue Chrome extensions that.a. login data stealing. The terms of seven pieces, which by now all by Google from the Chrome Web Store are removed.
Still have the extensions for a while online been and in that time more than 100,000 Chrome-users will come in contact, according to Radware. They were via Facebook sent a link to a fake YouTube page, followed by a pop-up asking the extension to install.
Then could the virus have started saving and were under more usernames and passwords from Facebook – and Instagram-accounts stolen. You guessed it: that way I could have more links to the extensions from these social networks be sent. It was also on the pcs of victims a cryptominer installed. That gave cyber criminals more than $ 1000 in cryptovaluta.
The extensions in question were distributed under the following names: Nigelify, PwnerLike, Alt-j, Fix-case, Divinity 2 and Original Sin: Wiki Skill Popup, Keeprivate and iHabno. In most cases, the after-apers of existing extensions that do just be safe, but then so adjusted that there is dangerous code in the injection.