Chrome, Edge: a dangerous malware is distributed in about thirty extensions, uninstall them quickly!

Edge and Chrome are victims of malware capable of stealing user information. No wonder this, except that the malware is able to determine the user’s skill level, and will or will not activate accordingly. The malware in question is distributed through relatively popular extensions, which sometimes promise to download YouTube videos, sometimes to send messages to Instagram.

Malware Extension Edge

Despite the countless precautions taken by publishers, browsers are constantly the target of hackers of all stripes. When it is not the very heart of the browser that is attacked, as is the case with the Raccoon banking malware in particular, hackers use the extensions found on the different stores of these same browsers to inject malicious code into the machines of their victims.

The latest threat concerns both Edge and Chromium, both having as a common source Chromium. Avast researchers have discovered malware that spreads through relatively well-known extensions and that often promise to help the user download videos from the Web.

The malware studies user behavior before activating

Avast researchers have thus identified 28 extensions dedicated to Edge and Chrome, extensions infected with a new kind of malware. The malware is pernicious in more than one way. Once the machine is infected, the malware can sometimes display unwanted advertising (which is a lesser evil), sometimes steal personal information (which is much more serious, you can imagine).

But one of the peculiarities of the malware is that it only activates after a few days. And not only is he super discreet during this period, but he is also able to analyze the behavior and skill level of his victim. It uses its history for this and determines whether it is a web developer or not.

Jan Vojtesek, security expert for Avast, explains that “the virus detects if the user searches on Google for one of their domains or, for example, if the user is a web developer. If so, it will not perform any malicious activity on its browser. It avoids infecting people more experienced in web development, as they could more easily find out what extensions are doing in the background. ”

Read also: Windows 10 requires the installation of Edge, Microsoft’s new browser

Over 3 million PCs infected with malware lurking in Chrome and Edge extensions

Avast first detected this threat in November 2020, but believes it may have been active for years, without anyone realizing it. According to Avast estimates, this would be so more than 3 million PCs that would be affected.

Nearly thirty extensions are concerned. Here is the full list. If some are duplicated, this is quite normal, since they can appear on either of the two stores (that of Google Chrome or Microsoft Edge) or can be present twice on each of between them.

  • App Phone for Instagram
  • App Phone for Instagram
  • Direct Message for Instagram
  • Direct Message for Instagram ™
  • DM for Instagram
  • Downloader for Instagram
  • Instagram App with Direct Message DM
  • Instagram Download Video & Image
  • Invisible mode for Instagram Direct Message
  • Odnoklassniki UnBlock. Works quickly.
  • Pretty Kitty, The Cat Pet
  • SoundCloud Music Downloader
  • Spotify Music Downloader
  • Stories for Instagram
  • Stories for Instagram
  • The New York Times News
  • Universal Video Downloader
  • Universal Video Downloader
  • Upload photo to Instagram ™
  • Upload photo to Instagram ™
  • Video Downloader for FaceBook ™
  • Video Downloader for FaceBook ™
  • Video Downloader for YouTube
  • Vimeo ™ Video Downloader
  • Vimeo ™ Video Downloader
  • VK UnBlock. Works fast.
  • Volume Controller
  • Zoomer for Instagram and FaceBook

Note that at the time of this writing, Microsoft and Google seem to have removed all these extensions from their respective stores. But if you use one of them, only one watchword: urgently uninstall them. To do this, in Chrome, click on the small puzzle-shaped icon located at the top right. In the list that appears, locate the offending extension (s), then click on Other actions, and finally on Remove from Chrome.

Under Edge, click the Settings and more icon located at the top right, then select the Extensions feature. There you will find all the add-ons that have been installed on your browser. Locate the one that is causing you concern and simply click on Remove.