Malicious Browser Extensions in Chrome and Edge: What You Need to Know and How to Protect Yourself

Hackers are infecting Google Chrome and Microsoft Edge with malware through browser extensions designed to steal personal data. These harmful extensions, often disguised as useful tools or enhancements, have been found to secretly harvest information such as browsing history, login credentials, and even financial details.

The Hacker News has reported a newly found malware campaign that has been active since 2021, and at least 300,000 Chrome and Edge users have fallen prey to it.

The people behind it created lookalike websites that imitate popular software and services such as YouTube, VLC media player, or KeePass. Potential victims think they are installing legitimate software or its extensions, but what they download is a malicious program that installs the extensions used by this malware.

The malware does this by manipulating the Windows Registry on a PC to forcibly install Chrome and Edge extensions that are used for ad fraud, hijacking web searches on Google and redirecting them through the hackers’ servers. Even more worrying, newer variants of this malware may also block browser updates, leaving their targets exposed.
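A read-only way to look for such forced installs, as an added example that is not part of the original article: the PowerShell below lists the extensions that policy forces into Chrome and Edge. It assumes the forced install goes through the browsers' documented ExtensionInstallForcelist policy keys, which the article does not name.

```powershell
# Read-only audit: list extensions that policy force-installs into Chrome and Edge.
# Assumption (not from the article): the forced install uses the browsers'
# documented ExtensionInstallForcelist policy keys.
$policyKeys = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKCU:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist',
    'HKCU:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist'
)

# Update URLs of the official Chrome Web Store and Edge Add-ons store.
$storeUpdateUrls = @(
    'https://clients2.google.com/service/update2/crx',
    'https://edge.microsoft.com/extensionwebstorebase/v1/crx'
)

$findings = foreach ($key in $policyKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        # Each value is "<32-character extension id>" or "<id>;<update url>".
        $raw = [string]$item.GetValue($name)
        $id, $updateUrl = $raw -split ';', 2
        [pscustomobject]@{
            PolicyKey   = $key
            ExtensionId = $id
            UpdateUrl   = $updateUrl
            # Extension ids consist of 32 letters in the range a-p.
            WellFormed  = $id -cmatch '^[a-p]{32}$'
            # No update URL, or an official store URL, means a store-hosted extension.
            FromStore   = (-not $updateUrl) -or ($storeUpdateUrls -contains $updateUrl)
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize -Wrap
} else {
    'No force-installed extensions found in the Chrome or Edge policy keys.'
}
```

On a personal PC that no organization manages, these keys are normally absent, so any entry listed here deserves a closer look, and one with FromStore set to False even more so.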

This is a bit more challenging: you’ll have to open up the Registry Editor, as you did for the Task Scheduler. Note, however, that you should not toy with your computer’s registry unless you are sure about what you are doing.
Since this malware targets both Chrome and Edge,

This campaign will likely be more than enough to make you think twice before downloading new software or browser extensions from sources that aren’t exactly trustworthy. If you want to download a new extension, do it from the Chrome Web Store or from the Microsoft Edge Add-ons store instead.

What to Do Now

If you suspect that you have installed a malicious browser extension, take these steps immediately:

Remove Suspicious Extensions: Go to settings and check the list of your installed extensions. Remove the ones you don’t know or no longer use.

Edge: Click the three dots in the top right corner > Extensions. Check the list for any extensions that you do not recognize, and remove them.
Chrome: The same steps apply for reviewing and removing extensions.

Change Your Passwords: If you installed any harmful add-ons, change the passwords of all your online accounts, including bank and email accounts. Create a strong password for each.

Avoid New Extensions: Never add a new extension to a browser before reading its reviews and checking that it belongs to an authentic, reputable company. Limit yourself to extensions with a large number of downloads and positive reviews, and be wary of those that request unnecessary permissions.

Keep monitoring your accounts for any suspicious activity. Monitor your bank statements and credit reports, and keep an eye on other sensitive accounts.

Keep your browser up to date. Google and Microsoft release updates on a continuing basis, and these are primarily aimed at patching security vulnerabilities.

You could do all this by hand, of course, by deleting malware files. You are much better off letting one of the best antivirus programs do it for you.

RAM Antivirus protects you better from phishing attacks.

Never use a link provided in an e-mail to connect to a website unless you are absolutely sure that it is authentic. Beware of e-mails requesting confidential information, especially personal and financial information. No trusted organization will ever demand sensitive information via e-mail; therefore, never give your personal information via those links.

How to turn ON the anti-phishing feature in RAM Antivirus?

1. First you have to download RAM Antivirus from the ramantivirus.com website.
2. Click on the Setting Option of RAM Antivirus.
3. Then click on “Web Setting”.
4. Under Web Settings, in the Anti Phishing row, move the ON/OFF switch to turn ON the Anti-Phishing feature.

Once the feature is activated, you no longer have to worry about any potential phishing attack. The anti-phishing feature of RAM Antivirus protects you from visiting malicious, insecure, or infected websites. It analyzes all the websites you open and, on its own, makes you aware of the security level of a given website, that is, whether the website is considered safe or not. If a visited website is dangerous, the system will terminate that website through the Anti Phishing feature. So always keep the Anti Phishing feature turned on to protect your system.