Over three million Google Chrome users have been issued a warning concerning 16 browser extensions that have been compromised by hackers. This alarming news comes hard on the heels of reports earlier this month that cybercriminals are also leveraging search engine giant Google’s new Gemini 2.0 (artificial intelligence) AI assistant.
The list of Google’s hacked browser extensions includes: Emojis, Video Effects for YouTube, Audio Enhancer, Blipshot, Color Changer for YouTube, Themes for Chrome, and YouTube Picture in Pictures. Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, Wistia Video Downloader have also been compromised.
The Chrome Web Store has already deleted the hacked extensions so no one else can download the corrupted programs. But anyone who has already installed them must delete the 16 hacked extensions immediately.
All organizations must be aware of the danger
While the hacked extensions are mainly ones used by consumers, many companies have also adopted them. Organizations in all sectors must also be aware of the danger of staff having installed them while using devices that also have access to corporate data. In such cases, the hacked extensions could be used by cybercriminals and ransomware groups as entry points into corporate systems.
The hacked Chrome extensions were taken over by cyber-criminals using phishing attacks on developers. In some cases, the creators of the extensions are believed to have been directly scammed into transferring control of their inventions by the cybercriminals. The hackers were then able to inject malicious updates into the extensions – opening the door to future cyber-attacks. It is, therefore, essential for companies and individuals to also check what “permissions” each compromised extension has been granted.
All websites visits may also be hacked
The hacked Chrome extensions are known to have already used permissions enabling them to interact with all the websites visited by the victims, allowing them to infect those websites with malicious code. The compromised Chrome add-ons have, therefore, spread the hackers’ malicious code where the users browsed.
The security threats now surrounding Google’s Chrome extensions and its Gemini AI assistant underline the importance of closely monitoring all work devices used by employees. Where feasible, staff should be strongly discouraged from downloading any software or applications that have not been approved by the company’s IT department onto devices that are also used for corporate communications.
