Protection from Malicious Browser Extension
More and more tasks are done directly from the web, from the browser, and without having to install any app. The extensions improve the functions of the browser and provide tools that are sometimes really interesting. This, however, not only brings convenience benefits to the user but often also to third parties when it comes to obtaining information without the user's permission. And for this, browser extensions are a perfect gateway.
According to ZDNet, in recent days Google has removed a total of 49 extensions from Chrome. All of them were posing as legitimate cryptocurrency wallets when they were actually inserting malware into the browser or directly stealing passwords and other access data to users' cryptocurrencies. The security expert who found them explains that they all used a similar system, so probably the same person or group is behind all of them.
The extensions imitated other genuine ones in appearance, only that when entering the data they went directly to a private server or a Google Docs form. According to a controlled test that was done, cryptocurrencies were not stolen directly. This suggests that either the attacker was not interested in small sums of money or did not have an automatic way to get the money out of their victims' wallets.
Deal with Malicious Browsers Extensions
Google, Mozilla, Apple, and other companies are continually seeking to improve total security on their browser extension platforms. This, however, is not something simple and on more than one occasion the malicious browsers extension stores have been filled with malware. There is more lack of control in who publishes them and above all it is much faster and easier for the user to install than an app, so it is easier than it seems to fall into a fraudulent one.
What can be done to avoid it? Take precautions and be very clear about what is being installed and what permissions are granted to each extension. The fewer extensions installed in the browser, the better and as long as they are from known and verified developers in the extensions store. On the other hand, when installing them, you have to verify what permissions are really given and be suspicious of those that request access to functions that they do not really need for their task. It would be surprising to see the number of extensions that request access to the reading of the text entered in any text field of the browser (that is, to be able to read practically any email or password that is inserted in a form).
The Security Risk of Malicious Browser Extensions
Beyond the great utility that extensions can have for the browser, we must also take into account the risk that using extensions that are insecure must be taken into account. Sometimes we can compromise our privacy if we use these types of tools without taking into account certain important tips.
We are going to explain why malicious browser extensions can be a security problem. In each case, we will give a series of tips to avoid being victims of security problems related to browser add-ons.
Extension Permissions
When we install an extension it can ask us for a series of permissions. Sometimes they will be necessary for their operation, while in other cases it may be a problem for our privacy and that their real objective is to collect all kinds of user data.
That is why it is very important to check the permissions of the extensions that we install in the browser. For example, if they ask us for access to the camera, the history, or any other application. Maybe what they really want is to collect user data to later sell it to third parties. We already know that our information on the Internet has great value today and many services seek to obtain personal data of all kinds.
Malicious Software
Of course one of the main problems is directly installing malicious software. This happens more often than we think. It can mainly happen if we install software from third-party sites. In these cases, we run the risk of installing malicious software or that has been modified to steal our data.
Our advice is to always install from official sources and make sure everything is in order. We must avoid adding software from links that we find on third-party sites, for example. This must also be applied to applications, as well as to the browser itself.
Outdated Extensions
Sometimes security flaws can arise that are corrected through updates and patches. It is the manufacturers and developers themselves who release updates to correct it. We must always have the extensions correctly updated and in this way make sure that a possible hacker is not going to take advantage of these flaws to carry out their attacks.
Changes in Operation
In addition to worrying about the installation process, we must also take into account that many extensions undergo changes over time. This means that their functionality can change and not always for the better.
Sometimes they incorporate changes that can be negative for our privacy and security. Therefore, it is advisable to be aware of these possible changes that may pose a problem for our privacy.
Vulnerabilities
One final risk is vulnerabilities. Sometimes by the browser and sometimes by the extensions themselves. These vulnerabilities may allow the injection of malicious code by cybercriminals. They could attack our security and also put the proper functioning of the devices at risk.
In short, extensions for the browser are very interesting tools and provide different functions. However, we must bear in mind that they can also pose a problem for our security and privacy. Therefore, we need to take into account everything that we have discussed in this article. The goal is that our privacy and security are always present and for keeping our data private we should use software that gives us total security from all the extensions that we use.




