Live
- Indiramma beneficiaries to get Rs 5L in 4 phases: Ponguleti
- Abysmal road to educational institutions remains neglected
- Rice Millers’ Issue Stirs Political Controversy: Officials At A Loss Over Grain Retrieval From Mills
- Sports venue turned into helipad at Rushikonda palace
- YSRCP alleges cops’ threat to ‘social media activists’
- Gadwal: Five nabbed for online betting
- EC orders shifting of Maha DGP
- Govt draws fire over power true-up charges
- TTD EO releases Ammavari Brahmotsavam schedule
- Four electrocuted while arranging flexis in EG
McAfee warns against five Google Chrome extensions
Representational image
McAfee warns against five Google Chrome extensions - AutoBuy Flash Sales, Netflix Party, Netflix Party 2, Full Page Screenshot Capture – Screenshotting, and FlipShope – Price Tracker Extension.
McAfee, the cybersecurity firm, has warned against five Google Chrome extensions that redirect users to phishing sites and insertaffiliate IDs into cookies on e-commerce sites. The company claims that the five extensions have an installed base of more than 1,400,000 and threaten users' private data. These are Netflix Party (800,000 users), Netflix Party 2 (300,000 users), FlipShope Price Tracker Extension (80,000 users), Full Page Screenshot Capture Screenshotting (200,000 users), and AutoBuy Flash Sales (20,000 users). The extensions seem to be unavailable in the Chrome Store, but if users have them installed on their PCs, please remove them now.
McAfee adds that these five extensions have similar behaviour. In a blog post, the cybersecurity firm explains that the web application loads a multifunctional script (B0.js) that sends browsing data to a domain that the attacker control ("langhort[.]com"). Without getting too techie, some of the extensions send malicious links after 15 days to confuse researchers or attentive users.
The post adds, "We discovered an interesting trick in a few of the extensions that would prevent malicious activity from being identified in automated analysis environments. They contained a time check before they would perform any malicious activity. This was done by checking if the current date is > 15 days from the time of installation".
In a malicious attack, attackers send malicious links or redirect to malicious sites that entice users to share usernames and passwords. Once these are compromised, other personal information and bank details can be accessed and used against you. So, users are advised to avoid downloading suspicious extensions that are designed to improve their productivity. They should always check web links for misspellings or numbers in the URL.
McAfee advises its customers to be careful when installing Chrome extensions and pay attention to the permissions they ask for. The permissions will be displayed in Chrome before the extension installation. Of course, the company advises users to use its McAfee WebAdvisor, which might detect these malicious extensions.
