Avast alerts us to the presence of around thirty infected extensions on Chrome and Edge browsers. These extensions housed malware that was undetectable for the infected user, and intended to extort personal information from you and display advertisements.
In December, Avast security researchers alerted us to a malware potentially dangerous housed in around thirty extensions for browsers Google Chrome and Microsoft Edge. In total, these 28 infected extensions have infected nearly 3 million PCs around the world – and more particularly in France, Ukraine and Brazil – showing them intrusive advertisements to theft of personal data. According to Avast, some extensions appeared to be active since October 2017, which would have given the malware ample time to accomplish its deeds. Avast now specifies how it got involved in these extensions, and how the people behind its deployment went about hiding its presence from users.
The great peculiarity of this malware is that it is indeed practically undetectable, even for a seasoned user. This will indeed seek to analyze the behavior of the infected host, in order to determine if it is a web developer who could find him more easily than another. “The virus detects whether the user is a web developer. If this is the case, he will not perform any malicious activity on his browser ” Avast explained in December. On Wednesday, security researchers at Avast said they discovered another way that developers of these extensions mask the traffic sent from the infected user to a remote server. More specifically, the malware contained in these extensions used indeed CacheFlow, allowing outgoing traffic to be masked by passing it through a secret channel in the header HTTP Cache-Control. The traffic cache was camouflaged to appear as data linked to Google Analytics, which websites primarily use to measure the number of visitors. Neither seen nor known, and therefore all the more dangerous in the long term.
The list of infected extensions
Regarding these infected extensions, it seems that they have all been removed from the extension stores of Google and Microsoft. However, if you downloaded them beforehand, they still pose a great threat to the integrity of your personal information and your web browsing experience. We therefore advise you to take a look at your extensions installed on your browser and urgently uninstall the following extensions, the names of which have been communicated by Avast:
- App Phone for Instagram
- Direct Message for Instagram
- DM for Instagram
- Downloader for Instagram
- Instagram App with Direct Message DM
- Instagram Download Video & Image
- Invisible mode for Instagram Direct Message
- Odnoklassniki UnBlock. Works quickly.
- Pretty Kitty, The Cat Pet
- SoundCloud Music Downloader
- Spotify Music Downloader
- Stories for Instagram
- The New York Times News
- Universal Video Downloader
- Upload photo to Instagram
- Video Downloader for FaceBook
- Video Downloader for YouTube
- Vimeo™ Video Downloader
- VK UnBlock. Works fast.
- Volume Controller
- Zoomer for Instagram and FaceBook
McAfee Total Protection 2021 | 3 Devices | 1 Year | Antivirus Software, Internet Security, Password Manager, Mobile Security, Multi-device …
Please wait … We are looking for the price of this product on other sites