The scam started in March last year, and so far information is known about at least seven infectious browser extensions, security researchers from Radware were quoted as saying by Ars Technica. Google's security team removed the problematic apps that appeared right on the official Chrome Web Store page, where users can download web browser extensions.
When Google searched for dangerous extensions, it found that five of the seven reported no longer exist in the Chrome Web Store. The main extension was sent via messages on the social network Facebook, which sent to a fake YouTube page, where the user was asked to install an extension.
The code was used to steal users' data by forwarding the link and at the same time using the host computer to mine cryptocurrencies. In the last six days alone, the attackers got about $ 1,000.
In the last eight months, the malicious extensions that have appeared on Google Chrome have managed to prove that they are a real Achilles' heel for the most used and probably one of the safest browsers in the world. In August last year, lax regulations aimed at securing the accounts of extension developers allowed the compromise of two applications installed on millions of computers.
In January, researchers discovered two separate events that had infected 500,000 computers.
Just two weeks ago, a cybersecurity company documented the reappearance of the infectious FacexWorm, the malicious extension that first appeared seven months ago.
These are the seven extensions that falsify the names of legitimate applications to harm users.