chrome extensions are really tested and secure? like kaspersky privacy guard and avira protector ?

D

Deleted member 65228

steel9 said:
I reported all 3 extensions for faking the developer, which seems extremely easy to do on Chrome Web Store, and you can't easy tell if it's fake just by looking at the developer info, because they point straight to the official websites...
Click to expand...
You can sometimes by looking at other characteristics. Title names, descriptions, versions, update information, user usage count, reviews/ratings, privacy policy/terms of usage present?, profile upload name, etc.

Genuine companies like Avast, Avira, ESET, etc. Always have a proper Privacy Policy for legal reasons. You can also find problems with wordings. They will also have multi-lingual support. If it doesn't look professional exactly like they would normally appear, there is a good indicator it isn't genuine.

Many fake extensions of security software I've found over the past day duration have similar characteristics which scream it is fake. For example, they were put into the Productivity tab which isn't as relevant to what it was being marketed as. It was showing the UI as the screenshots to the actual AV/IS product (Win32 software which cannot be in extension form), discussing detecting and cleaning rootkits (from extension level under a sandbox container since browsers like Chrome do have these? really?), bad upload profile names, etc. No privacy policies. Duplicate/suspicious review comments or negativity from others there.
 
  • Like
Reactions: XhenEd, simmerskool, mlnevese and 2 others
C

CoherentCrayon

Level 4
Verified
Jun 23, 2017
183
Opcode said:
You can sometimes by looking at other characteristics. Title names, descriptions, versions, update information, user usage count, reviews/ratings, privacy policy/terms of usage present?, profile upload name, etc.

Genuine companies like Avast, Avira, ESET, etc. Always have a proper Privacy Policy for legal reasons. You can also find problems with wordings. They will also have multi-lingual support. If it doesn't look professional exactly like they would normally appear, there is a good indicator it isn't genuine.

Many fake extensions of security software I've found over the past day duration have similar characteristics which scream it is fake. For example, they were put into the Productivity tab which isn't as relevant to what it was being marketed as. It was showing the UI as the screenshots to the actual AV/IS product (Win32 software which cannot be in extension form), discussing detecting and cleaning rootkits (from extension level under a sandbox container since browsers like Chrome do have these? really?), bad upload profile names, etc. No privacy policies. Duplicate/suspicious review comments or negativity from others there.
Click to expand...
That's correct. But an average user probably checks the developer "Avira Antivirus", okay. Then he/she checks the developer website, which is the official one, and the user thinks the developer is legit.
 
  • Like
Reactions: XhenEd, mlnevese, Weebarra and 1 other person
D

Deleted member 65228

steel9 said:
That's correct. But an average user probably checks the developer "Avira Antivirus", okay. Then he/she checks the developer website, which is the official one, and the user thinks the developer is legit.
Click to expand...
Oh yes of course, that is why they fall for it a lot. I thought you meant generally speaking not exclusive to Home users. There are red flags with all these found extensions which are in clear-view, but an inexperienced Home user wouldn't pick up on them probably. Maybe not even check the Reviews and what-not... :/
 
  • Like
Reactions: XhenEd, roger_m, mlnevese and 2 others
giulia

giulia

Level 5
Thread author
Verified
Nov 30, 2016
237
hi
google has removed the fake kaspersky extension , but do you know how many people has installed it??

just look at the fake avira 4.212 users , well let's say i just better firefox even with the last update lots of extensions are gone
and really better apple store , at least they check the software and the apps for iphone
i don't want even think about what can i install on my android phones
in short google , doesn't almost even check the security of thier components , despite reiterates to develop the most secure browser

come on , ok , a smart and observant user will not install them , but the most of the users they trust of google
the sadly point , and i wanted to know about the malware activity of these extension
by the way great kaspersky , really they remove
i want to try the new version ,hope it's fast ,because i will say good bye forever to eset and kaspersky is the best choice , would like to read a review about their firewall included (just because i know the antivirus)
 
Last edited:
  • Like
Reactions: XhenEd, Weebarra, mlnevese and 3 others
D

Deleted member 65228

giulia said:
just look at the fake avira 4.212 users , well let's say i just better firefox even with the last update lots of extensions are gone
and really better apple store , at least they check the software and the apps for iphone
i don't want even think about what can i install on my android phones
in short google , doesn't almost even check the security of thier components , despite reiterates to develop the most secure browser
Click to expand...
I managed to find around 20-30 fake extensions yesterday after we spoke here: Malware Analysis - Fake ESET NOD32 extension analysis (Google Chrome)

Imagine how many users have installed in total among the extensions you and I both found... Crazy numbers. They have many extensions past the fake Kaspersky one to remove. A lot of them I found were the same person/people too... :/
 
  • Like
Reactions: XhenEd, Weebarra, simmerskool and 5 others
DeepWeb

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
ichito said:
Absolutely agree...it's shocking but if we want to be fair we should know something like "official statement" of developers.
Click to expand...
I'm just disappointed that Google has once again created a platform where it doesn't at least confirm that the developers are legitimate. If the dev of an extension is Kaspersky Lab and clicking on it takes me to the official website, I would assume that it is legitimate. I'm trying to figure out why on earth Google would allow people to pretend to be an entire company without verifying first. lol
 
  • Like
Reactions: XhenEd, Weebarra, CoherentCrayon and 3 others
giulia

giulia

Level 5
Thread author
Verified
Nov 30, 2016
237
Opcode said:
I managed to find around 20-30 fake extensions yesterday after we spoke here: Malware Analysis - Fake ESET NOD32 extension analysis (Google Chrome)

Imagine how many users have installed in total among the extensions you and I both found... Crazy numbers. They have many extensions past the fake Kaspersky one to remove. A lot of them I found were the same person/people too... :/
Click to expand...
hi
i see
look at Avira Antivirus - Protector of Online Surfing
if you click on offered by or website it opens the avira homepage
dUMzwE7.png
 
  • Like
Reactions: XhenEd, Weebarra, Deleted member 65228 and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Almost Secure Blog: The Karma connection in Chrome Web Store
Replies
0
Views
205
Web Extensions
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
    • HaHa
Google Chrome extensions remain a security risk as Manifest V3 fails to prevent data theft and malware exploitation
Replies
8
Views
582
Chrome & Chromium
brambedkar59
brambedkar59
A
    • Like
How to Secure Extensions You Use?
Replies
3
Views
1,123
Web Extensions
Marko :)
Marko :)

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top