Users of Google Chrome have been put on alert after security experts discovered four extensions for the browser were malicious.
It was researchers at ICEBERG that revealed the malicious extensions had been downloaded in excess of 500,000 times, Arstechnica reported.
It was discovered when the researchers noticed a large spike in outbound traffic from a customer’s workstation.
They discovered it was caused by a Google Chrome extension called HTTP Request Header which used infected machines to visit advertising links.
ICEBERG found that three other extensions – Nyoogle, Stickies and Lite Bookmarks, unfortunately, reacted in a similar manner. The researchers hold the belief that they are part of click-fraud scam.
“In their report, the security firm said: “In this case, the inherent trust of third-party Google extensions, and accepted risk of user control over these extensions, allowed an expansive fraud campaign to succeed.
“In the hands of a sophisticated threat actor, the same tool and technique could have enabled a beachhead into target networks.”
All for extensions have now been removed from the Chrome Store and the new Google Chrome version 64 will be launch on 23 January and will include updates that tackle the problems with Meltdown and Spectre that could potentially affect all CPUs. However, as we have reported previously, no instances have yet been reported so this is seen as a proactive move by the company.
Outlining the update, Google simply said that: “Chrome 64, due to be released on January 23, will contain mitigations to protect against exploitation.”