Beware: Deceptive Chrome Extensions Falsely Pose as Password Managers

-

Google Chrome extensions are extremely helpful, whether you aim to block advertisements, monitor the best deals, or enhance your browsing experience They can be obtained from the Chrome Web Store, similar to how applications work in the Play Store. Nonetheless, extensions are more susceptible to being replicated and transformed into harmful software than apps are.

As we recently reported, more than 3.2 million users fell prey to a security breach linked to 16 malicious browser extensions , emphasizing how attackers use seemingly legitimate tools to propagate malware or pilfer confidential information.

Currently, security experts have identified a shape-shifting assault enabling harmful Chrome extensions to morph into various browser add-ons such as password managers, cryptocurrency wallets, and banking applications with the intent of extracting confidential data.

Continue reading to understand how this assault operates and ways to safeguard yourself against it.

STAY SECURE AND WELL-INFORMED! RECEIVE SECURITY ALERTS AND VALUABLE TECH ADVICE – JOIN KURT’S THE CYBERGUY REPORT TODAY!

Security researchers at SquareX Labs I have discovered a novel technique that enables harmful Chrome extensions to masquerade as reputable ones, such as password managers, cryptocurrency wallets, and financial applications, thereby facilitating the theft of confidential data. This “polymorphic” assault exploits vulnerabilities within Chrome’s extension framework to deceive users without drawing attention.

REVIEW ON THE FOX NEWS APPLICATION

The assault begins when attackers post what appears to be an innocuous add-on on the Chrome Web Store. This extension could include genuine functionalities, such as an AI-driven marketing utility, which helps persuade users to install and fix it within their browser interface.

After installation, the harmful extension examines the user's browser for additional installed extensions. This process occurs through two methods. Should it possess access to the "chrome.management" API, it obtains a direct listing of the installed extensions. However, if such permissions aren’t granted, it introduces scripts onto websites to identify specific files or assets associated with particular extensions.

When it identifies a specific target such as 1Password, the harmful extension communicates with a server controlled by attackers. Following this communication, the assailants instruct it to mimic the genuine extension by deactivating it when permitted, altering its title and symbol, and showing a counterfeit login pop-up that closely resembles the actual one.

THE CONCEALED PRICES OF GRATIS APPLICATIONS: YOUR PRIVATE DATA

In order to obtain user login details, the harmful browser add-on initiates a counterfeit "Session Expired" notification whenever the target attempts to sign in to a site. It deceives them into believing they must enter their authentication information again for their password management tool or financial application. Once this occurs, the captured data gets dispatched directly to the perpetrators.

Once the necessary credentials have been obtained, the extension reverts to its initial state. By restoring the genuine extension, all appearances become typical again, ensuring the user remains unaware of any foul play. This highlights the significant threat posed by harmful Chrome extensions and underscores the necessity for enhanced security protocols to safeguard users effectively.

We contacted Google, and a representative informed CyberGuy, "We value the efforts of the research community, and we have received their report. We continuously invest in enhancing the security measures for the Chrome Web Store, and we address potential risks promptly upon being notified."

WHAT EXACTLY IS ARTIFICIAL INTELIGENCE (AI)?

THWOLET HACKERS WHO AIM TO SNATCH YOUR PERSONAL IDENTIFICATION INFORMATION

Below are five methods to protect your private data and uphold your online privacy.

1. Ensure your web browser and add-ons are current: Obsolete software serves as a treasure trove for cybercriminals. Flaws or security loopholes in outdated editions of your web browsers or plugins can be leveraged to introduce harmful code, pilfer information, or seize control of your device. Software updates address these weaknesses, rendering them an essential safeguard. Enable automatic updating for your browser (such as Chrome, Firefox, or Edge) so you consistently operate with the most recent version effortlessly. For more details, check out my guide on this topic. staying current with updates for your gadgets and software applications for more information.

2. Download extensions exclusively from reputable sources: The official extension repositories such as the Chrome Web Store or Firefox Add-ons include checks and regulations designed to identify malicious entities, though these safeguards aren't infallible. Downloading add-ons from obscure sites or unverified sources significantly increases the risk of encountering harmful software like malware or spyware. Always obtain extensions directly through your browser’s official store; avoid installing them from dubious links.

3. Use robust antivirus protection: To protect yourself against harmful links that could lead to malware installation and unauthorized access to your sensitive data, installing antivirus software across all your gadgets is essential. Such protective measures can additionally warn you about phishing attempts and ransomware schemes, ensuring the security of both your personal details and online possessions. Check out my selections for the top 2025 antivirus protections for your Windows, Mac, Android, and iOS gadgets. .

4. Update your passwords: Update the passwords for any accounts that might have been impacted by the extension, ensuring you utilize distinct and robust passwords for every service. It would be beneficial to adopt a password manager. Such tools can assist you in creating and safeguarding strong, individualized passwords across all your platforms. For further information, visit my website. top-rated password managers according to experts for 2025 .

5. Spend money on personal data elimination services: Should your private details be compromised by an extension, it’s essential to take swift action to minimize the chances of falling victim to identity theft or fraud. Although no platform guarantees complete eradication of all your data online, utilizing a removal service can be highly beneficial if you aim to consistently oversee and automatize the task of eliminating your information across numerous websites over extended periods. Take a look at my recommended data removal services below. .

A MAJOR SECURITY VULNERABILITY LEAVES THE MOST WIDELY USED BROWSERS EXPOSED ON MAC OS

The malicious extension highlights that Google isn’t doing enough to keep malware off its platform. Security researchers pointed out that the Chrome Web Store lacks protections against these types of attacks, such as blocking sudden changes to an extension’s icon or HTML, or at least alerting users when such changes occur. The problem isn’t limited to the Chrome Web Store. The Play Store also hosts malicious apps from time to time, affecting millions of users. Google needs to step up its security efforts and put user privacy front and center.

Do you have confidence in Google to prevent harmful applications and browser add-ons from appearing on its platforms? Share your thoughts with us by contacting us at Cyberguy.com/Contact.

To receive additional tech advice and security warnings, sign up for my complimentary CyberGuy Report Newsletter by visiting Cyberguy.com/Newsletter.

Feel free to ask Kurt a question or suggest topics you're interested in for our coverage.

Follow Kurt on his various social media platforms:

  • Facebook
  • YouTube
  • Instagram

Responses to the frequently queried issues by CyberGuy:

  • What’s the most effective method for safeguarding your Mac, Windows PC, iPhone, and Android gadgets against hacking?
  • What is the most effective method for maintaining privacy, security, and anonymity when surfing the internet?
  • What methods can be used with apps and data removal services to eliminate robocalls?
  • What steps should I take to eliminate my personal information from the web?

New from Kurt:

  • Check out CyberGuy's latest games (including crosswords, word puzzles, quizzes, and much more!).
  • CyberGuy's special discounts and offers

Copyright 2025 CyberGuy.com. All rights reserved.

Original article source: Risky Chrome extensions imitate password managers

Comments

Post a Comment

Popular posts from this blog

Paradise Islands Offer Citizenship for Less Than £36,000

-
Image
Didn't you catch wind of it? For only $105,000, you can purchase citizenship to a tropical island paradise these days. The island country of Nauru located in the Pacific is offering passports to foreign nationals for $105,000 (£81,000) as part of an effort to generate funding for its climate emergency reserve. Soaring sea levels are swiftly eroding Nauru’s coastlines. In reaction, the nation’s leadership is considering a large-scale move inland; however, they are facing difficulties in securing funding for this initiative. Approximately ninety percent of the island's inhabitants will likely have to relocate to elevated areas due to sea levels surrounding Nauru increasing at a rate one point five times quicker than the worldwide average. Many nations provide citizenship in return for significant financial investments or property purchases. However, certain options may stand out specifically to wealthy Britons looking for opportunities. In fact, several stunning t...
Read more

Australian Grand Prix Fences Go Black for Clever Reason

-
Image
The 2025 Australian Grand Prix introduces several modifications to the circuit, primarily focusing on Turn 6 where Mercedes' George Russell had a crash in the previous year. However, the track authorities have implemented an additional alteration. The fencing along the Melbourne street race course has been painted black, particularly in the region of the starting grid. This minor alteration significantly enhances visibility for both spectators with tickets and photographers, despite its subtle nature. The cause stems from how light reflects off the metal. Black paint helps with this by absorbing the light, thus making it simpler to maintain visibility. Formula One tracks have consistently needed to address the visibility and safety of spectators holding tickets. Essential safety features include barrier walls and catch fencing, which protect not only the audience but also racers themselves. Take, for instance, Zhou Guanyu’s accident at Silverstone in 2023; without the p...
Read more

Bill Passes Just Hours Before Deadline, Averts Shutdown and Defeats Filibuster

-
Image
On Friday, senators moved forward with the stopgap funding measure approved by the House as the clock ticks nearer to a potential government closure. With a vote of 62 to 38, the senators decided to move forward with the proposal. Almost all Republicans along with ten Democrats helped override the filibuster. Senate Minority Leader Chuck Schumer from New York Senate Minority Whip Dick Durbin from Illinois, along with Senators Angus King of Maine, Brian Schatz of Hawaii, Catherine Cortez Masto of Nevada, John Fetterman of Pennsylvania, Gary Peters of Michigan, Maggie Hassan of New Hampshire, Kirsten Gillibrand of New York, and Jeanne Shaheen of New Hampshire, voted to advance the bill, going against the majority of their fellow Democrats. The House-passed short-term A spending measure, referred to as a continuing resolution (CR), would maintain funding at FY 2024 levels up until October 1st. Nevertheless, should Congress fail to pass this legislation before 11...
Read more