Malicious Chrome extensions on the rise
27 Aug 2013
ZDNet, By Larry Seltzer
According to Fabio Assolini, Senior Security Researcher at Kaspersky Lab, attackers are increasingly using malicious Google Chrome extensions to compromise users.
Assolini specifically cites a one such example currently masquerading as a Facebook video. The malware, which is Turkish in origin and targeted at Italian users, hijacks users' Facebook accounts and web browsers. Assolini says they have also seen variants in Latin America.
Users don't use enough good sense when applying extensions in a browser, according to Asssolini. Extensions are highly-privileged, and they have access to all the data, passwords and websites visited by the user. As he described in a blog on earlier versions of this problem in January of this year, Kaspersky has seen malicious Chrome extensions hosted in the official Chrome Web store, and reports of them go back much further. Read more.