Compromised Chrome Extensions

Aug - 16 2017 | By

Proofpoint researchers have identified 6 Google Chrome Extensions that have been compromised, along with 2 others that were found in June.

List of Compromised Chrome Extensions

  1. Web Developer 0.4.9
  2. Chrometana 1.1.3
  3. Infinity New Tab 3.12.3
  4. CopyFish 2.8.5
  5. Web Paint 1.2.1
  6. Social Fixer 20.1.1
  7. TouchVPN
  8. Betternet VPN

These compromised extensions are used to steal your Google account information, provide malicious advertisements that can infect the computer, redirect to affiliate programs and other methods of redirection to generate money.

In Chrome if you go to chrome://extensions/ you can see what extensions are installed in your Chrome browser.  On the far right of each entry is a Waste Can icon to remove extensions you do not want or need any longer.   At the top right of the list is a button to Update extensions now to update extensions you have installed in Chrome now.  The 8 that are listed above are bad and updated or old versions not safe to be on your Chrome browser and should be removed.  Also on this same screen you will see a check box for Enabled, this determines if the extension is loaded when you use Google Chrome, there is also a check box to enable the Extension in Incognito mode as well.

If you have questions about an Extension please feel free to contact Michael Spice about them.

To learn more about these compromised extensions and what they can do see the following article that combined the details of the researcher at Proofpoint