Internet users should exercise caution when installing Google Chrome extensions, as the company deleted more than 100 malicious links after it was found collecting “sensitive” user data, announced today Today the country’s cybersecurity agency.
India’s emergency response IT team (CERT-In), the national tech industry to fight cyber attacks and protect Indian cyberspace, also said that these extensions contained code to bypass security scans from the Google Chrome online store.
Malicious extensions had the ability to take screenshots, read the clipboard, collect authentication cookies, or enter user keys to read passwords and other confidential information, he said. he declares.
“It has been reported that Google has removed 106 Google Chrome browser extensions from the Chrome web store, which were found collecting sensitive user data,” the agency said in the notice.
“These extensions, allegedly posed as tools to improve web searches, convert files between different formats as security scanners and more,” he added.
The federal cybersecurity agency has suggested that users uninstall Google Chrome extensions with the identifiers indicated in the IOC section (flowchart).
Users can visit the chrome extensions page and then activate developer mode to see if they have installed any of the malicious extensions, and then remove them from their browsers, he added.
The agency advised Internet users to install only the extensions that are absolutely necessary and to send user reviews before doing so.
They should uninstall extensions that are not in use, he added, adding that users should not install extensions from unverified sources.
(With the exception of the title, this story was not edited by GalacticGaming staff and is published from a syndicated feed.)