Malicious Chrome extensions on the rise

Kaspersky Lab has observed in increase in the use of malicious Chrome extensions to compromise users. The latest pose as a Facebook video.

According to Fabio Assolini, Senior Security Researcher at Kaspersky Lab, attackers are increasingly using malicious Google Chrome extensions to compromise users.

Assolini specifically cites a one such example currently masquerading as a Facebook video. The malware, which is Turkish in origin and targeted at Italian users, hijacks users' Facebook accounts and web browsers. Assolini says they have also seen variants in Latin America.

Users don't use enough good sense when applying extensions in a browser, according to Asssolini.  Extensions are highly-privileged, and they have access to all the data, passwords and websites visited by the user. As he described in a blog on earlier versions of this problem in January of this year, Kaspersky has seen malicious Chrome extensions hosted in the official Chrome Web store, and reports of them go back much further.

Google has, over time, modified Chrome in order to make such attacks more difficult by eliminating the ability to install extensions outside of the store and removing the possibility of silent installation. Kaspersky recommends that users scrutinize the permissions requested by the app at install time, although non-experts are not in a position to judge which permissions are appropriate.

Kaspersky products detect and block such attacks, according to the company.

The dialog box in this image, according to Kaspersky, tells the user they should update their Google Chrome.