...发现了 32 个恶意浏览器插件!总安装量高达 7500 万次,Avast检测到新...
发布网友
共1个回答
热心网友
Avast, a renowned cybersecurity company headquartered in the Czech Republic, offers various security solutions and products aimed at protecting individuals and enterprises from numerous online threats and malware.
Google recently removed 32 malicious browser extensions from the Chrome Web Store. These extensions were manipulating search results and pushing unwanted spam or advertisements. In total, they were downloaded 75 million times.
The extensions had legitimate features that obscured the malicious behavior embedded in the code, making them appear harmless.
Avast discovered 32 malicious extensions in the Chrome Web Store, with a total installation count of 75 million times.
In the ever-evolving cybersecurity landscape, new threats emerge daily. Avast's team recently uncovered a series of malicious browser extensions spreading adware and search result hijackers. These attacks affected approximately 24,000 users, potentially impacting millions globally.
The investigation began with Wladimir Palant, a respected cybersecurity researcher, who identified malicious code in the PDF Toolbox extension. His findings, detailed in his blog, prompted a deeper investigation.
Avast found 32 malicious extensions in the Chrome Web Store, with a total of 75 million installations. These extensions offered a range of functionalities, including ad blockers, downloaders, browser themes, recorders, and tab managers. However, some 50 extensions were already removed.
Although the numbers are concerning, it's worth noting that Avast's team believes the actual installation count might have been exaggerated. The low number of reviews on the Chrome Web Store, combined with the discrepancy between the reported threat count and the installation figures, suggests this possibility.
One of the most challenging aspects of malicious browser extensions is their deceptive nature. They appear to offer legitimate features but conceal malicious code that triggers harmful actions. In this case, the extensions were spreading adware and altering search experiences through sponsored links, paid search results, and potentially malicious links.
Researchers at Avast analyzed the Chrome Web Store's PDF Toolbox extension, which had been downloaded 2 million times. They found code that disguised itself as a legitimate extension API wrapper.
The top few malicious extensions include:
Extension IDs:
aeclplbmglgjpfaikihdlkjhgegehbbf afffieldplmegknlfkicedfpbbpaef ajneghihjbebmnljfhlpdmjjpifeaokc ameggholdkgkdepolbiaekmhjiaiiccg bafbedjnnjkjjjelgblfbddajjgcpndi bahogceckergcanpcoabcdgmoidngedmfo bikjmmacnlceobeapchfnlcekincgkng bkbdedlenkomhjbfljaopfbmimhdgenl bkflddlohelgdmjoehphbkfallnbompm bkpdalonclochcahhipekbnedhklcdnp bppfigeglphkpioihhhpbpgcnnhpogki cajcbolfepkcgbgafllkjfnokncgibpd ciifcakemmcbbdpmljdohdmbodagmela deebfeldnfhemlnidojiiiadkgnglpi diapmightkmmnpmdkfnmlbpkjkealjojg dlnanhjfdjgnnmbajgikidobcbfpnblp dppnhoaonckcimpejpjodcdoenfjleme edadmcnnkkkgmofibeehgaffppadbnbi edaflgnfadlopeefcbdlcnjnfkefkhio edailiddamlkedgjaoialogpllocmgjg edmmaocllgjakiiilohibgicdjndkljp eibcbmdmfcgklpkghpkojpaedhloemhi enofnamganfiiidbpcmcihkihfmfpobo epmmfnfpkjjhgikijelhmomnbeneepbe fcndjoibnbpijadgnjjkfmmjbgjmbadk fejgiddmdpgdmhhdjbophmflidmdpgdi ffiddnnfloiehekhgfjpphceidalmmgd fgpeefdjgfeoioneknokbpficnpkddbl fhnlapempodiikihjeggpacnefpdemam finepngcchiffimedhcfmmlkgjmeokpp flmihfcdcgigpfcfjpdcniidbfnffdcf fpfmkkljdiofokoikgglafnfmmffmmhc gdlbpbalajnhpfklckhciopjlbbiepkn geokkpbkfpghbjdgbganjkgfhaafmhbo gfbgiekofllpkpaoadjhbbfnljbcimoh ghabgolckcdgbbffijkkpamcphkfihgm glfondjanahgpmkgjggafhdnbbcidhgf gliolnahchemnmdjengkkdhcpdfehkhi gnmjmennllheofmojjffnidneaohleln hdgdghnfcappcodemanhafioghjhlbpb hdifogmldkmbjgbgffmkphfhpdfhjgmh hhhbnnlkhiajhlfmedeifcniniopfaoo higffkkddppmfcpkcolamkhcknhfhdlo hmakjfeknhkfmlckieeepnnldblejdbd icnekagcncdgpdnpoecofjinkplbnocm iejlgecgghdfhnappmejmhkgkkakbefg igefbihdjhmkhnofbmnaglkafpaancf igfpifinmdgadnepcpbddpndnlkdela iicpikopjmmincpjkckdngpkmlcchold imfnolmlkamfkegkhlpofldehcfghkhk jbolpidmijgjfkcpndcngibedciomlhd jjooglnnhopdfiiccjbkjdcpplgdkbmo jlhmhmjkoklbnjjocicepjjjpnnbhodj kafnldcilonjofafnggijbhknjhpffcd keecjmliebjajodgnbcegpmnalopnfcb kjeffohcijbnlkgoaibmdcfconakaajm lcdaafomaehnnhjgbgbdpgpagfcfgddg lgjdgmdbfhobkdbcjnpnlmhnplnidkkp lhpbjmgkppampoeecnlfibfgodkfmapd likbpmomddfoeelgcmmgilhmefinonpo lipmdblppejomolopniipdjlpfjcojob lklmhefoneonjalpjcnhaidnodopinib llcogfahhcbonemgkdjcjclaahplbldg lmcboojgmmaafdmgacncdpjnpnnhpmei lpejglcfpkpbjhmnnmpmmlpblkcmdgmi magnkhldhhgdlhikeighmhlhonpmlolk mcmdolplhpeopapnlpbjceoofpgmkahc meljmedplehjlnnaempfdoecookjenph nadenkhojomjfdcppbhhncbfakfjiabp nbocmbonjfbpnolapbknojklafhkmplk ngbglchnipjlikkfpfgickhnlpchdlco njglkaigokomacaljolalkopeonkpbik obeokabcpoilgegepbhlcleanmpgkhcp obfdmhekhgnjollgnhjhedapplpmbpka oejfpkocfgochpkljdlmcnibecancpnl okclicinnbnfkgchommiamjnkjcibfid olkcbimhgpenhcboejacjpmohcincfdb ooaehdahoiljphlijlaplnbeaeeimhbb pbdpfhmbdldfoiognphkiocpidecmbp pbebadpeajadcmaoofljnnfgofehnpeo pidecdgcabcolloikegacdjejomeodji pinnfpbpjancnbidnnhpemakncopaega
