Avast lists 28 malware-infected browser extensions, downloaded 3 million times 

870
SHARE

Prague-based Avast reported that almost 3 million people have been infected by browser extensions they downloaded for Google Chrome and Microsoft Edge browsers. The malware-infected apps can steal private data and redirect users to phishing or advertising sites.

The Avast Threat Intelligence team said on Wednesday that they had discovered 28 browser extensions or add-ons that had malicious code. The malware code was found in the JavaScript-based extensions which infect a computer or other device when downloaded.

Many of the extensions claim to be apps that are tools to download pictures, videos, and content from social media sites. The sites include Instagram, Facebook, Vimeo, and Spotify. Some of the malware-infected sites are still available for download from both Google and Microsoft.

Signup for the USA Herald exclusive Newsletter

Malware-infected apps spy on users

Avast detailed the threat of the browser extensions in its report claiming, “Users have also reported that these extensions are manipulating their internet experience and redirecting them to other websites. Anytime a user clicks on a link, the extensions send information about the click to the attacker’s control server, which can optionally send a command to redirect the victim from the real link target to a new hijacked URL before later redirecting them to the actual website they wanted to visit.”

“User’s privacy is compromised by this procedure since a log of all clicks is being sent to these third-party intermediary websites. The actors also exfiltrate and collect the user’s birth dates, email addresses, and device information, including first sign-in time, last login time, name of the device, operating system, used browser, and its version, even IP addresses (which could be used to find the approximate geographical location history of the user),” they described.

IF you have downloaded malware on your system you may be getting a lot of unexpected redirects. During internet use, you may also be experiencing freeze-frames.

Avast provided a list of the browser add-ons infected by malware, along with the download links. If you have downloaded an infected app it is urgent that you remove it ASAP. Then run a virus scan and try to mitigate any damage.

Avast list of browser extension apps with malware:

  • Direct Message for Instagram
  • Direct Message for Instagram
  • DM for Instagram
  • Invisible mode for Instagram Direct Message
  • Downloader for Instagram
  • Instagram Download Video & Image
  • App Phone for Instagram
  • App Phone for Instagram
  • Stories for Instagram
  • Universal Video Downloader
  • Universal Video Downloader
  • Video Downloader for Facebook
  • Video Downloader for Facebook
  • Vimeo Video Downloader
  • Vimeo Video Downloader
  • Volume Controller
  • Zoomer for Instagram and Facebook
  • VK UnBlock. Works fast.
  • Odnoklassniki UnBlock. Works quickly.
  • Upload photo to Instagram
  • Spotify Music Downloader
  • Stories for Instagram
  • Upload photo to Instagram
  • Pretty Kitty, The Cat Pet
  • Video Downloader for YouTube
  • SoundCloud Music Downloader
  • The New York Times News
  • Instagram App with Direct Message DM

—————————————-

Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer’s guidelines here.