Interviewtimes 
All major web browsers like Chrome, Bing, Safari, and other platforms offer thousands of extensions that can be distributed through online stores. The most popular plugin has over 10 million users.
However, not all browser extensions are safe, as “even seemingly harmless add-ons can pose real risks.” The report adds that these malicious add-ons pretend to be important, often combining legitimate and illegal functionality. Some even pretend to be “popular and legitimate extensions”.
The cyber attackers who handle them add some keywords to make them appear at the top of the browser’s extension store.
Why browser extensions are popular?
Browser extensions are popular because they allow users to increase their convenience, productivity and efficiency for free. These add-ons help users block ads, maintain to-do lists, check spelling, and more.
How are malicious add-ons distributed?
Official extension marketplaces available in major web browsers are usually the source of these unwanted add-ons. According to reports, in 2020 Google removed 106 browser extensions from the Chrome Web Store that were used to steal sensitive user data such as cookies and passwords. The report also points out that Capable of taking screenshots of a user’s personal data, these malicious extensions have been downloaded 32 million times. These malicious add-ons haven’t only attacked individual users, but also multiple companies.
Users attacked by malicious browser extensions
4.3 million unique users were attacked by hidden adware with a browser extension between From January 2020 to June 2022, almost 70% of all users of malicious addons ounce. The report adds this throughout the first half In 2022 he has over 1.3 million users tried Download unwanted extensions at least once, was more than 70% of users are consistently affected by the same threats all of last year.
According to the report, the most common threats are In the first half of 2022 there was a WebSearch family of adware extensions that could be collected. Analyze and promote search queries affiliate link. These numbers are Browser extensions are important adware delivery Channels compared to other deliveries mechanism. But these are just numbers users using Kaspersky’s software. These numbers will increase as users are also protected by other security providers consideration.
Top threats for 2022
Among all major malicious browsers WebSearch extension is said to be the biggest threat. The company also detects related extensions that imitate productivity tools like DOC to PDF converters and utilities for merging documents by 2022, it has already reached 876,924 users by now.
In addition, WebSearch is also possibly capable to change browser’s home page and make money from overtime through clicks on relevant links in the search results.
The second most common threat was ‘AddScript’ which attacked 150,000 unique users. It can run in the background and the extensions carries also provide those download promised features Video from the web.
This malware is on the rise advertising revenue using JavaScript acquired later installation to run videos in the background record the “views” of your YouTube channel.
Additionally, AddScript inserts an affiliate cookie Receive commission on host purchase from the browser.
‘DealPly’ was the third most popular adware infection of user devices by malicious devices extensions that caused the above 90,000 infection attempts in the first half of the year. The report mentions this adware starts installing pirated software such as KMS activators and game cheat engines download from peer-to-peer networks shady place. Then automatically inject browser extensions and new registry additions key. These keys are deleted when the user deletes extension, it downloads again, If the program is installed in the browser it will be rebooted.
How to stay safe
The report also recommended some ways by which one can protect browser from adware infection. User must download the extension from the official webshop of the browser. Previous Users must also leave if they download them through user comments and ratings, Along with running background checks Developer/Publisher.
It is better to encourage and review the privacy policy and data collection practices of extensions that request sensitive permissions to provide promised functionality. Finally, users should try to use the bare minimum of extensions and regularly check for already installed add-ons. Users should also remove add-ons that they believe were installed without consent.
