Be careful of these 4 malicious Google Chrome extensions

Apps Software

oi-Samden Sherpa

The Google Chrome extensions that have been identified by analytics firm ICEBRG are Change HTTP Request Header, Lite Bookmark, Stickies, and Nyoogle.


Earlier this month we reported that a popular Google Chrome extension called Archive Poster was reportedly misbehaving and had turned into an in-browser cryptocurrency miner. In a new development, security researchers have now detected four more malicious extensions on the Google Chrome browser. While the extensions have been taken down, they attracted some half-a-million active users.

Be careful of these 4 malicious Google Chrome extensions

The extensions have been identified by analytics firm ICEBRG as Change HTTP Request Header, Lite Bookmark, Stickies, and Nyoogle. ICEBRG said the four were likely employed for a click-fraud scam operation with the clear purpose of generating revenues.

ICEBRG ha notified Google and other stakeholders on the matter. As such, extensions like Change HTTP Request Header, Lite Bookmark, and Stickies have been removed from the Chrome Web Store. Nyoogle is still available to download, but Google has yet to issue a statement on the matter.

If you take the worldwide statics, Google Chrome basically is the most popular global web browser in terms of usage. As a result, the browser is a default favorite for cyber attacks. While the browser is known for its vaunted security features, mainly for its security sandbox and quick deployment of vulnerability patches, cybercriminals seem to always find an ingenious workaround to crack the protective shell put up by Google.

It appears that these criminals are tapping loopholes that exist on the Chrome Web Store to penetrate Google’s security protocols implemented on its web browser. The attackers’ latest weapon, it turned out, is a loaded browser extension.

According to ICEBRG making use of such tactic is quite effective, as malware authors take advantage of the system, which seemingly enjoys robust security, that governs the use of browser extensions found on the Chrome Web Store.

“In this case, the inherent trust of third-party Google extensions, and accepted risk of user control over these extensions allowed an expansive fraud campaign to succeed. In the hands of a sophisticated threat actor, the same tool and technique could have enabled a beachhead into target networks,” the security firm said in its comprehensive report.

Google tango, the augmented technology AR – GIZBOT

Meanwhile, the security firm has warned that the threat implications are high and true for both the average consumers and enterprise users. According to the report, the extensions managed to expose the system of some 500,000 Chrome users.

However, the security firm has also offered a brief description of how the weaponized extension works out. “By design, Chrome’s JavaScript engine evaluates (executes) JavaScript code contained within JSON. Due to security concerns, Chrome prevents the ability to retrieve JSON from an external source by extensions, which must explicitly request its use via the Content Security Policy (CSP),” ICEBRG said.

“When an extension does enable the ‘unsafe-eval’ permission to perform such actions, it may retrieve and process JSON from an externally-controlled server. This creates a scenario in which the extension author could inject and execute arbitrary JavaScript code anytime the update server receives a request.”

With this incident, Google Chrome users should basically keep a safe distance from browser extensions, specifically those coming from third-party providers.

Best Mobiles in India

  • Samsung Galaxy S21 FE 5G


  • OPPO Reno7 Pro 5G


  • Xiaomi 11T Pro 5G


  • Vivo V23 Pro 5G


  • Apple iPhone 13 Pro Max


  • Vivo X70 Pro Plus


  • OPPO Reno6 Pro 5G


  • Redmi Note 10 Pro Max


  • Motorola Moto G60


  • Xiaomi Mi 11 Ultra


  • Apple iPhone 13


  • Samsung Galaxy S22 Ultra


  • Apple iPhone 13 Pro


  • Samsung Galaxy A32


  • Apple iPhone 13 Pro Max


  • Samsung Galaxy A12


  • OnePlus 9


  • Redmi Note 10 Pro


  • Redmi 9A


  • Vivo S1 Pro


  • Motorola Moto G32


  • OnePlus Ace Pro


  • Oppo K10 Energy


  • ZTE nubia Z40S Pro


  • Vivo Y30 5G


  • Infinix Note 12 Pro 4G


  • Honor X40i


  • Nokia 2660 Flip


  • Nokia 5710 XpressAudio


  • Nokia 8210 4G


Story first published: Thursday, January 18, 2018, 15:45 [IST]

Leave a Reply

Your email address will not be published. Required fields are marked *


One Account On Two Smartphones? – Gizbot News

        Features oi -Alap Naik Desai | Updated: Tuesday, November 15, 2022, 14:47 [IST] WhatsApp has been rolling out features quite aggressively. After the Communities feature, the instant messaging platform could soon offer missed call alerts that are DND (Do Not Disturb) compliant. Interestingly, users could also be allowed to operate a […]

Read More

Twitter Position Cuts: What Are Electronic Layoffs and What Do They Suggest for Staff members and Companies?

Elon Musk is progressing options to slim down Twitter because he bought the 396-million-member system for $44 billion (approximately Rs. (around Rs. 3,58,650 crore) on Oct 27. Musk’s deal has taken Twitter private, dissolved the platform’s board and improved his unilateral ability as CEO. But mass redundancy bulletins made because he took regulate have been […]

Read More

WhatsApp rolling out Communities feature globally – Gizbot News

        News oi -Sharmishte Datti | Updated: Thursday, November 3, 2022, 15:38 [IST] WhatsApp has been working on several new features, including the anticipated ‘Communities’. Meta CEO Mark Zuckerberg announced that WhatsApp will begin the rollout of the Communities feature for Android, iOS, and the web with global availability in the coming […]

Read More