Google removes more than 70 malicious Add-Ons from the Chrome Web Store
Add-Ons, Extensions (also known as extensions) are applications that users install on the browser to support that browser. However, sometimes hackers also take advantage of these Add-Ons themselves to spread malware as well as perform malicious acts targeting internet users.
After receiving a series of detailed reports of malicious activities related to some Chrome extensions containing malicious code, Google has just announced that it has deleted more than 70 extensions on the Chrome Store Online (Chrome Web Store). These are all Add-Ons that are supposed to contain malicious code or stealthily perform malicious activities (according to the discovery of international security company Awake Security), with a total of 32 million downloads and installs by Google users all over the world.
Chrome Web StoreThis fact partly shows the failure of technology in general and security in particular to protect users on browser platforms, which are increasingly used for sensitive work related to email, payroll, finance, and more.
Talking about the incident, Scott Westover, a spokesman for Google, said:
'After receiving a warning that some of the Chrome Web Store extensions violated the platform's privacy policy, we immediately took action at the highest level. Also learn from this incident to improve security tools and automated censorship on the platform. "
Most extensions are intended to alert users about malicious activity on websites or the behavior of converting files from one format to another. In fact, they are used to illegally access browser history and collect logins stored on the platform. Having 70 extensions removed at the same time shows the seriousness of Google, and this has become the largest malicious add-on purge campaign ever on the Chrome Web Store. However, it is still not clear what the agent behind the above malware distribution is.
Here is the list of ID and the name of the malicious add-on that has been removed:
- acmnokigkgihogfbeooklgemindnbine
- apgohnlmnmkblgfplgnlmkjcpocgfomp
- apjnadhmhgdobcdanndaphcpmnjbnfng (ViewPDF)
- bahkljhhdeciiaodlkppoonappfnheoi (Search Manager)
- bannaglhmenocdjcmlkhkcciioaepfpj (PDF Opener)
- bgffinjklipdhacmidehoncomokcmjmh (easyconvert)
- bifdhahddjbdbjmiekcnmeiffabcfjgh
- bjpknhldlbknoidifkjnnkpginjgkgnm (doctopdf)
- blngdeeenccpfjbkolalandfmiinhkak (ByteFence Secure Browsing)
- ccdfhjebekpopcelcfkpgagbehppkadi (ByteFence Secure Browsing)
- cceejgojinihpakmciijfdgafhpchigo (theeasywaypro)
- cebjhmljaodmgmcaecenghhikkjdfabo
- chbpnonhcgdbcpicacolalkgjlcjkbbd (TheSecuredWeb)
- cifafogcmckphmnbeipgkpfbjphmajbc
- clopbiaijcfolfmjebjinippgmdkkppj (mydocstopdf)
- cpgoblgcfemdmaolmfhpoifikehgbjbf
- dcmjopnlojhkngkmagminjbiahokmfig
- deiiiklocnibjflinkfmefpofgcfhdga
- dipecofobdcjnpffbkmfkdbfmjfjfgmn
- dopkmmcoegcjggfanajnindneifffpck
- dopmojabcdlfbnppmjeaajclohofnbol
- edcepmkpdojmciieeijebkodahjfliif
- ekbecnhekcpbfgdchfjcfmnocdfpcanj
- elflophcopcglipligoibfejllmndhmp
- eogfeijdemimhpfhlpjoifeckijeejkc
- fcobokliblbalmjmahdebcdalglnieii
- fgafnjobnempajahhgebbbpkpegcdlbf
- fgcomdacecoimaejookmlcfogngmfmli
- fgmeppijnhhafacemgoocgelcflipnfd
- fhanjgcjamaagccdkanegeefdpdkeban
- flfkimeelfnpapcgmobfgfifhackkend
- fmahbaepkpdimfcjpopjklankbbhdobk
- foebfmkeamadbhjcdglihfijdaohomlm
- fpngnlpmkfkhodklbljnncdcmkiopide
- gdifegeihkihjbkkgdijkcpkjekoicbl
- gfcmbgjehfhemioddkpcipehdfnjmief
- gfdefkjpjdbiiclhimebabkmclmiiegk
- ggijmaajgdkdijomfipnpdfijcnodpip
- ghgjhnkjohlnmngbniijbkidigifekaa
- gllihgnfnbpdmnppfjdlkciijkddfohn
- gmmohhcojdhgbjjahhpkfhbapgcfgfne
- gofhadkfcffpjdbonbladicjdbkpickk
- hapicipmkalhnklammmfdblkngahelln
- hijipblimhboccjcnnjnjelcdmceeafa
- hmamdkecijcegebmhndhcihjjkndbjgk
- hodfejbmfdhcgolcglcojkpfdjjdepji
- hpfijbjnmddglpmogpaeofdbehkpball
- ianfonfnhjeidghdegbkbbjgliiciiic
- ibfjiddieiljjjccjemgnoopkpmpniej
- inhdgbalcopmbpjfincjponejamhaeop
- iondldgmpaoekbgabgconiajpbkebkin
- ipagcbjbgailmjeaojmpiddflpbgjngl
- jagbooldjnemiedoagckjomjegkopfno
- jdheollkkpfglhohnpgkonecdealeebn
- jfefcmidfkpncdkjkkghhmjkafanhiam
- jfgkpeobcmjlocjpfgocelimhppdmigj
- jghiljaagglmcdeopnjkfhcikjnddhhc
- jgjakaebbliafihodjhpkpankimhckdf
- jiiinmeiedloeiabcgkdcbbpfelmbaff
- jkdngiblfdmfjhiahibnnhcjncehcgab
- jkofpdjclecgjcfomkaajhhmmhnninia
- kbdbmddhlgckaggdapibpihadohhelao
- keceijnpfmmlnebgnkhojinbkopolaom
- khhemdcdllgomlbleegjdpbeflgbomcj
- kjdcopljcgiekkmjhinmcpioncofoclg
- kjgaljeofmfgjfipajjeeflbknekghma
- labpefoeghdmpbfijhnnejdmnjccgplc
- lameokaalbmnhgapanlloeichlbjloak
- lbeekfefglldjjenkaekhnogoplpmfin
- lbhddhdfbcdcfbbbmimncbakkjobaedh
- ldoiiiffclpggehajofeffljablcodif
- lhjdepbplpkgmghgiphdjpnagpmhijbg
- ljddilebjpmmomoppeemckhpilhmoaok
- ljnfpiodfojmjfbiechgkbkhikfbknjc
- lnedcnepmplnjmfdiclhbfhneconamoj
- lnlkgfpceclfhomgocnnenmadlhanghf
- loigeafmbglngofpkkddgobapkkcaena
- lpajppfbbiafpmbeompbinpigbemekcg
- majekhlfhmeeplofdolkddbecmgjgplm
- mapafdeimlgplbahigmhneiibemhgcnc
- mcfeaailfhmpdphgnheboncfiikfkenn
- mgkjakldpclhkfadefnoncnjkiaffpkp
- mhinpnedhapjlbgnhcifjdkklbeefbpa
- mihiainclhehjnklijgpokdpldjmjdap
- mmkakbkmcnchdopphcbphjioggaanmim
- mopkkgobjofbkkgemcidkndbglkcfhjj
- mpifmhgignilkmeckejgamolchmgfdom
- nabmpeienmkmicpjckkgihobgleppbkc
- nahhmpbckpgdidfnmfkfgiflpjijilce
- ncepfbpjhkahgdemgmjmcgbgnfdinnhk
- npaklgbiblcbpokaiddpmmbknncnbljb
- npdfkclmbnoklkdebjfodpendkepbjek
- nplenkhhmalidgamfdejkblbaihndkcm
- oalfdomffplbcimjikgaklfamodahpmi
- odnakbaioopckimfnkllgijmkikhfhhf
- oklejhdbgggnfaggiidiaokelehcfjdp
- omgeapkgiddakeoklcapboapbamdgmhp
- oonbcpdabjcggcklopgbdagbfnkhbgbe
- opahibnipmkjincplepgjiiinbfmppmh
- pamchlfnkebmjbfbknoclehcpfclbhpl
- pcfapghfanllmbdfiipeiihpkojekckk
- pchfjdkempbhcjdifpfphmgdmnmadgce (EasyConvert)
- pdpcpceofkopegffcdnffeenbfdldock
- pgahbiaijngfmbbijfgmchcnkipajgha
- pidohlmjfgjbafgfleommlolmbjdcpal
- pilplloabdedfmialnfchjomjmpjcoej
- pklmnoldkkoholegljdkibjjhmegpjep
- pknkncdfjlncijifekldbjmeaiakdbof
- plmgefkiicjfchonlmnbabfebpnpckkk
- pnciakodcdnehobpfcjcnnlcpmjlpkac
- ponodoigcmkglddlljanchegmkgkhmgb
You can view the detailed report here if needed:
https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-in-store-extensions.txt
You should read it
- Google 'tightens' the installation of the extension on Chrome browser
- Google Chrome temporarily prevents sideload of extensions
- Extension Police, an extension that helps protect Chrome from malicious extensions
- Attractive extensions on Google Chrome
- The Chrome Web Store is facing a massive wave of transaction fraud
- 28 dangerous extensions you should immediately remove from Chrome and Microsoft Edge
- The Chrome Web Store blocks duplicate extensions
- The best Chrome extensions you should know
- Top 7 most useful Chrome extensions you should try
- List of some types of files that are potentially dangerous on Windows
- 4 Chrome extensions to help you surf the Web faster
- 9 Chrome extensions are most useful
Maybe you are interested
More than 200 apps containing malicious code were discovered and downloaded millions of times on the Google Play Store.
Detection of malicious code infecting the web browsers of 300,000 PCs, silently stealing user data
The App Store was tricked into approving malicious apps
Google Chrome will warn users about password-protected malicious archive files
All VSCode users need to be wary of malicious extensions!
What are malicious apps? How dangerous are they?