Technology is at a fast pace and your attempts to keep up and get the most out of your gadgets could be potentially dangerous. Installing some extensions on your Chrome browser could expose your passwords and other personal information to hackers, experts have warned. In a recent investigation, some tech aficionados uncovered malicious extensions that millions of users have installed.
Discover our latest podcast
Not worth it
Cybersecurity firm, Guardio Security recently found that at least 30 of such dangerous extensions operate as apps that perform seemingly innocent tasks like changing the colour and look of webpages. Unbeknownst to users, these apps are typically the trojan horses that give hackers access to your passwords, banking details and other personal information you’re not to share with anyone. Guardio Security’s Nati Tal is quoted by The Sun as saying:
By mid-October 2022 there were at least 30 variants of this extension part of a campaign for both Chrome and Edge. No extension that makes a fine-looking website look dark and ugly is worth it…
‘Dormant colours’ campaign
These extensions may look genuine but once you install them, hackers can hide behind them to take over your searches. The so-called ‘dormant colours’ campaign is reportedly still active as hackers are constantly developing similar extensions to replace those have been found out. The Chrome extensions hijack searches and insert affiliate links into web pages. According to Tal:
At the end of the day, it’s not only affiliation fees being collected on your back, this is your privacy as well as your internet experience being compromised here, in ways that can target organizations by harvesting credentials and hijacking accounts and financial data.
Beware of extensions that have ‘colour’ or ‘style’ in their names.
Sources used:
The Sun: Urgent Google Chrome warning for millions – mistake reveals your passwords to crooks
Cybersecurity Help: Dormant Colours malvertizing campaign steals browsing and search data
Security Affairs: Dormant Colours campaign operates over 1M malicious Chrome extensions