Privacy News Fake IDM extension for Chromium-based browser stealing account

[worldless]

In summary, the long time existed & known-as-fake IDM extension provided on Chrome store that steals login information has been recently discovered by the VCCorp's security team.
The stealed information consists of username + password, login cookies for many popular services e.g Facebook, Google, Yahoo as well as other commerical accounts e.g Paypal and banks.

According to this report, the rogue attack mostly targets to users in Vietnam where IDM is illigally installed on almost every PCs, which could also install the fake extension silently.

Spoiler: Full aritcle (Google translate for english)

Chuyên gia bảo mật phát hiện đường dây chiếm đoạt tài khoản ngân hàng, Facebook, Gmail... cực lớn ở Việt Nam, bạn cũng có thể là nạn nhân

 

[frogboy]

No as I do not used cracked software. Plus I have a lifetime licence for IDM.

 

[worldless]

Actually I once installed the fake extention but I change most of important passwords once per month as habit.
After Firefox 54 released combos with FDM, I finally could use them as main browser and ditched Chrome + IDM & stuffs..
Reading the report somehow makes me feel lucky

 

[Winter Soldier]

A free IDM browser extension would be too good... to be true

 

[tomy_hil]

thanku....

 

[FrFc1908]

No as I do not used cracked software. Plus I have a lifetime licence for IDM.

@frogboy : two souls , one thought brother.....I also have bought a lifetime license for IDM.....never leave home without it.

 

[jackuars]

Being a freebie lover, I don't have to search the wild for cracked software or pay for one anymore Was an long-time user of IDM (cracked) in the past, then switched to EagleGet when I found that it does essentially everything what the paid software could do for free.

Now I've this new found love for freeware software's since it does pretty much everything I want without spending a dime. Thanks to all the selfless developers for their time and efforts

 

[YURY]

Extension IDM is not use. I use only the desktop version.

 

[BearHug]

I have a paid licence for IDM! So no chance of cheating!

 

[DJ Panda]

Never used the software and no pirating for me. Its kind of amusing how some "security experts" I have read claim that pirating software doesn't get you infected..

 

[Azure]

Extension IDM is not use. I use only the desktop version.

Doesn't the desktop version come with the extension?

 

[mlnevese]

Doesn't the desktop version come with the extension?

It does... and IDM's help page even has a small tutorial on how to add the extension for Chromium based browsers that are not Google Chrome. I currently use it on Opera.

 

[worldless]

IMO some info is misread.
The fake extension tricks user to think that installing it from Chrome store is necesssary, even with people who already had the licensed IDM (but not install the official extension yet or it was automatically removed by Chrome in some cases).
The cracked IDM may also uses this trick.

P/s: Why am I the only one voted Yes