Browser add-ons are convenient, but they can also pose a big risk. Hard to imagine for laypeople.
Browser extensions are now part of everyday life for many Internet users. They save passwords, translate texts or make surfing more convenient.
The Google Chrome web store is considered a central and supposedly safe contact point. But this is exactly where risks can be hidden that are hardly noticeable at first glance.
Chrome extensions read the clipboard
The serious impression of an add-on can be deceiving. Broadcom security researchers Yuanjing Guo and Tommy Dong have discovered several Chrome extensionswhich contain functions that go far beyond what is advertised – and thereby endanger the safety of users.
“These threats range from relatively low-risk activities to query/session hijacking and even remote code execution.”
The main problem is that these additional functions are not immediately visible to users. While relying on the promised core functionality, processes are running in the background, that concern sensitive data or partially give away control of the browser.
The following add-ons are specifically mentioned:
- Good tab (ID: glckmpfajbjppappjlnhhlofhdhlcgaj)
- Children Protection (ID: giecgobdmgdamgffeoankaipjkdjbfep)
- DPS Websafe (ID: bjoddpbfndnpeohkmpbjfhcppkhgobcg)
- Stock Informer (ID: beifiidafjobphnbhbbgmgnndjolfcho)
Among other things, the extensions access the clipboard and send this information to an external domain via insecure HTTP. So anyone who copies sensitive data such as passwords is passing them on unknowingly. In some cases, users are tracked or the search is hijacked.
If you have one of these extensions installed, you should remove it as soon as possible. Although they are relatively unknown add-ons, they have found their way into the official Google Chrome web store – so there could be more of them!
One reason for this is that sometimes hide harmful behavior well or is only activated after a certain time. In addition, developers are using increasingly sophisticated methods to bypass automatic and human security checks.
Therefore, caution is required when installing browser plug-ins, no matter how good the promised functions may sound.
About the Author
