Malicious Chrome Extensions Impact 500,000 Users
NJCCIC Alert
Original Release Date: 2018-01-18
Security researchers at ICEBRG discovered four malicious Chrome extensions available for download through the official Chrome Web Store. The extensions, which impacted approximately 500,000 users, includedChange HTTP Request Header, Nyoogle - Custom Logo for Google, Lite Bookmarks, and Chrome's Post-it Notes. Threat actors delivered malicious commands to unsuspecting users via JavaScript code which was then used to conduct click-fraud in an effort to generate revenue for the developers.
The NJCCIC recommends users who installed the malicious Chrome extensions uninstall them immediately and consider installing a reputable ad-blocking and/or script-blocking extension. We also recommend reviewing ICEBRG’s reportfor technical details related to these extensions including associated domains and IoCs.
Featured Content
- Pulse Connect Secure Vulnerabilities Are Actively Being Exploited>
- Phishing Campaigns Attempt to Steal Credentials for Cloud Services>
- Geico Hack Impacts Residents in 8 States>
- SonicWall Email Security Vulnerabilities Are Actively Being Exploited>
- New Critical Vulnerabilities in On-Premises Microsoft Exchange Servers>
- Threat Actors Abuse Contact Forms in Recent Malware Campaigns>
- Google Chrome Vulnerabilities Exploited in the Wild – Patch Now>
- Increase in Ransomware Attacks Targeting Education Sector>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.