- Nov 5, 2011
- 5,855
Beware: Chrome malicious plugins : on blogs.totaldefense.com : http://blogs.totaldefense.com/blogs/2014/01/20/Beware-Chrome-malicious-plugins.aspx
Hackers buy chrome plugins in order to turn them into malware.
Virus developers put their hands on legitimate and popular plugins and turn them into hacking tools, specifically because the plugins are considered legitimate, most antivirus programs do not detect their activity. So how can you identify the affected plugins and dispose them?
It is known that for quite some time malware writers are buying Chrome supplements known as plugins in order to take advantage of the automatic update capabilities integrated into the Google browser extensions feature and push updates to users that turn the plugins into malware.
There have been several cases where legitimate extension developers were surprised to get offers to sell their plugins, and were more surprised to later find out that in fact the purchasers have turned the plugins into malware. ..
So how can you get rid of such malicious plugins?
The identification of these plugins can be problematic, since they are usually not detected by antivirus software. If your chrome browser starts acting strange and displays bizarre advertisements, or Google search displays suspicious results or links that lead to unexpected places, you may also fell victim to this method.
Currently, the best way is to try and locate the suspicious plugin at Chrome Extensions page and one by one disable all plugins that can be the cause (no need to check plugins developed by Google), until the problem is gone - then deleting the last disabled plugin. At best, there will not be other actions required, but it is not impossible that a malicious plugin will find a way to leave traces on your computer even after deletion.
Unfortunately, there is no Chrome option to prevent automatic updating of plugins, and the only way to monitor the updates is to . . . install a plugin that announces when each other plugin is updated. ..
Search engine and other settings taken over by an unwanted program : on support.google.com : https://support.google.com/chrome/answer/2765944?hl=en
Programs that may cause changes
If you've tried the recommendations above and are still unable to fix the issue, we want to know. Below is a list of links to Chrome Help Forum threads for a few of the most common programs that consistently cause changes to Chrome settings. Please describe your issue with as much detail as possible in the relevant help forum threads (English only).
Google bans Chrome extensions (TWO only..) for serving rogue ads : on neowin.net : http://www.neowin.net/news/google-bans-chrome-extensions-for-serving-rogue-ads
Google has banned two extensions from the Chrome Web Store following outrage from users for serving adware under the pretext of sharing links to various sites.
The extensions in question are "Add to Feedly" and "Tweet this Page" which were quite useful for sharing links until they were bought out by malware developers who started replacing the links with pop-under and rogue advertisements. According to Amit Agrawal, the developer of "Add to Feedly," an unknown company bought the extension from him for an undisclosed four figure sum and inserted their own malware injection code into it. Another developer of an extension called "Honey" turned down the purchase offer from a malware company and conducted a Reddit IAmA about his experience.
In response to complaints from users in the reviews of the extensions and on multiple internet forums, Google removed the extensions and has cited its policy update from December regarding submissions to the Chrome Web Store. According to Google, extensions must have a single purpose and must not be used to deliver spam or adware.
While the problem isn't limited to Chrome, as a Firefox extension was also reported to be carrying malicious code in the past, it's good to see that Google have responded to threats emerging through the Chrome Web Store in a prompt manner.
Chrome danger!.jpg
..
BEWARE!.gif - from Imgur
Hackers buy chrome plugins in order to turn them into malware.
Virus developers put their hands on legitimate and popular plugins and turn them into hacking tools, specifically because the plugins are considered legitimate, most antivirus programs do not detect their activity. So how can you identify the affected plugins and dispose them?
It is known that for quite some time malware writers are buying Chrome supplements known as plugins in order to take advantage of the automatic update capabilities integrated into the Google browser extensions feature and push updates to users that turn the plugins into malware.
There have been several cases where legitimate extension developers were surprised to get offers to sell their plugins, and were more surprised to later find out that in fact the purchasers have turned the plugins into malware. ..
So how can you get rid of such malicious plugins?
The identification of these plugins can be problematic, since they are usually not detected by antivirus software. If your chrome browser starts acting strange and displays bizarre advertisements, or Google search displays suspicious results or links that lead to unexpected places, you may also fell victim to this method.
Currently, the best way is to try and locate the suspicious plugin at Chrome Extensions page and one by one disable all plugins that can be the cause (no need to check plugins developed by Google), until the problem is gone - then deleting the last disabled plugin. At best, there will not be other actions required, but it is not impossible that a malicious plugin will find a way to leave traces on your computer even after deletion.
Unfortunately, there is no Chrome option to prevent automatic updating of plugins, and the only way to monitor the updates is to . . . install a plugin that announces when each other plugin is updated. ..
Search engine and other settings taken over by an unwanted program : on support.google.com : https://support.google.com/chrome/answer/2765944?hl=en
Programs that may cause changes
If you've tried the recommendations above and are still unable to fix the issue, we want to know. Below is a list of links to Chrome Help Forum threads for a few of the most common programs that consistently cause changes to Chrome settings. Please describe your issue with as much detail as possible in the relevant help forum threads (English only).
- Babylon
- FunDial
- FunMoods
- MyStart.incredimail.com or MyStart.incredibar.com
- PlusNetwork.com
- Search.Conduit.com
- SweetIM
- SearchNu.com
- Delta Search
- Pinterest.aot.im
- Search.snap.do
- Qvo6 or Portaldosites.com
Google bans Chrome extensions (TWO only..) for serving rogue ads : on neowin.net : http://www.neowin.net/news/google-bans-chrome-extensions-for-serving-rogue-ads
Google has banned two extensions from the Chrome Web Store following outrage from users for serving adware under the pretext of sharing links to various sites.
The extensions in question are "Add to Feedly" and "Tweet this Page" which were quite useful for sharing links until they were bought out by malware developers who started replacing the links with pop-under and rogue advertisements. According to Amit Agrawal, the developer of "Add to Feedly," an unknown company bought the extension from him for an undisclosed four figure sum and inserted their own malware injection code into it. Another developer of an extension called "Honey" turned down the purchase offer from a malware company and conducted a Reddit IAmA about his experience.
In response to complaints from users in the reviews of the extensions and on multiple internet forums, Google removed the extensions and has cited its policy update from December regarding submissions to the Chrome Web Store. According to Google, extensions must have a single purpose and must not be used to deliver spam or adware.
While the problem isn't limited to Chrome, as a Firefox extension was also reported to be carrying malicious code in the past, it's good to see that Google have responded to threats emerging through the Chrome Web Store in a prompt manner.
Chrome danger!.jpg
..
BEWARE!.gif - from Imgur
