The Danger of Browser Extensions | Antivirus Software

Browser extensions are useful, but they can also be dangerous. See what can go wrong and what you can do about it to stay protected.

Danger of Browser Extensions

You are probably familiar with browser extensions, which most of us use on a daily basis. They add useful functionality, but at the same time, they are a threat to both your privacy and security. Let's discuss what's wrong with them and how you can ensure your devices are protected. First, let's understand what exactly extensions are.


What Are Browser Extensions and Why Do You Need Them?

An extension is like a plugin for your browser that adds certain features to it. Extensions can modify the user interface or add some web service options.


For example, extensions are used to block ads, translate text, or add pages to other note services like Evernote or Pocket. There are many extensions - hundreds or even thousands - for productivity, customization, shopping, games, and more.


Almost all popular browsers support extensions - you can find them on Chrome and Chromium, Safari, Opera, Internet Explorer, and Edge. They are widely available and some are quite useful, so many people end up using several.


What Can Go Wrong With Extensions?

Malicious Extensions

First, extensions can be purely malicious. This happens mostly with those that come from third-party websites, but sometimes - as in the cases of Android and Google Play - the malware infiltrates official stores as well.


For example, researchers recently discovered four extensions on the Google Chrome Web Store that looked like harmless reminder apps but were actually caught generating profits for their creators by secretly clicking on pay-per-click ads.


How can an extension do something like this? Well, to do anything, an extension requires permissions. The problem is that, among the browsers people commonly use, only Google Chrome asks the user to grant these permissions; others allow extensions to do whatever they want by default, and the user has no choice.


However, even in Chrome, this permission management exists only in theory - in practice, it doesn't work. Even the most basic extensions usually require permission to "read and modify all of your data on the websites you visit", which gives them the power to do virtually anything they want with your information. And if you do not grant this permission, they will not be installed.


We stumbled upon another example of malicious extensions some time ago - they were being used by criminals to spread malware on Facebook Messenger.


Hijacking and Buying Extensions

Browser extensions are an interesting target for criminals because many have huge user bases. They are also updated automatically: if a user downloaded a harmless extension, it can later be updated to become malicious, and this update would be downloaded to the user immediately - they may not even notice it.


A good developer would not do that, but the developer's account can be hijacked and a malicious update made available on the official store on their behalf. This is what happened when criminals used phishing to obtain the access credentials of the developers of a popular plugin called Copyfish. In this case, the plugin, which originally used visual recognition, was used by criminals to distribute additional ads to users.


Sometimes developers are approached by companies that offer to buy their extensions for very attractive amounts. Extensions are often difficult to monetize, which is why developers often rush to close these deals. After the company buys the extension, it can update it with malicious features, and that update will be pushed to users. For example, this is what happened to Particle, a popular Chrome extension for customizing YouTube that was abandoned by developers. A company bought it and immediately turned it into adware.


Not Malicious, but Dangerous

Even extensions that are not malicious can be dangerous. The danger arises because most of them have the ability to collect a lot of data about users (remember the permission to “read and modify all your data on websites you visit”). To earn a living, some developers sell the anonymized data they collect to third parties. This is typically mentioned in the extension's End User License Agreement (EULA).


The problem is that most of the time this data is not sufficiently anonymized, which leads to serious privacy problems: whoever bought the data can identify the users of the plugin. This happened with the Web of Trust - a very popular plugin for Chrome, Firefox, Internet Explorer, Opera, Safari, and other browsers. The plugin was used to rate websites based on popular opinion. In addition, the extension collected all of its users' browsing history.


A German website claimed that the Web of Trust was selling the collected data to third parties without making it properly anonymous, which caused Mozilla to withdraw the extension from its store. The creators of the extension then removed it from all other browser stores. However, a month later the extension was back. The Web of Trust is not a malicious extension, but it can harm people by exposing their data to someone who shouldn't know which sites users visit and what they do there.


How to Use Extensions Safely?

Despite the fact that extensions can be dangerous, some of them are really useful, which is why you probably don't want to give them up completely. I still use at least half a dozen of them, and I'm sure two of them use the “read and modify” permission mentioned earlier.

It may be safer not to use them, but this is inconvenient, so we need a way to use extensions more or less safely. Here's how:


  • Do not install too many. Not only do they affect your computer's performance, but they are also a potential attack vector, so limit your number to just a few of the most useful ones.
  • Install from official stores only. There, they undergo analysis in which security experts filter out those that are malicious from head to toe.
  • Pay attention to the permissions that extensions require. If an extension already installed on your computer asks for a new permission, this should immediately get your attention; something is probably happening. This extension may have been hijacked or sold. And before installing any extension, it is always a good idea to look at the required permissions and reflect on whether they match the functionality of the application. If you can't find a logical explanation for the permissions, it's probably best not to install.
  • Use a good security solution. The Protegent360 Antivirus Software can detect and neutralize malicious code in browser extensions. Our antivirus solutions use a vast database of malicious extensions that is frequently updated - and we discover new malicious Chrome extensions almost daily.
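
The permission advice above can be partly automated. The following is an added example, not code from the original article or from any vendor's product: it reads Chrome-style `manifest.json` data, flags the match patterns behind the "read and modify all of your data on the websites you visit" prompt, and lists what an update requests that the previous version did not. The two manifests, the extension name "Sample Reminder" and the file `inject.js` are constructed for illustration.

```python
import json

# Match patterns that grant access to every site; Chrome describes this as
# "read and change all your data on the websites you visit".
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def requested_access(manifest: dict) -> set:
    """Collect install-time API permissions and host patterns (MV2 or MV3)."""
    access = set()
    for key in ("permissions", "host_permissions"):
        # Entries are normally strings; skip anything else defensively.
        access.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts get page access through their own match patterns.
    for script in manifest.get("content_scripts", []):
        access.update(script.get("matches", []))
    return access

def audit(manifest: dict) -> dict:
    """Report everything requested and which entries cover all websites."""
    access = requested_access(manifest)
    return {"broad_hosts": sorted(access & BROAD_HOSTS), "all": sorted(access)}

def new_access(old: dict, new: dict) -> list:
    """Access requested by the updated manifest that the old one lacked."""
    return sorted(requested_access(new) - requested_access(old))

# Constructed sample manifests for a hypothetical reminder extension.
OLD = json.loads("""{"manifest_version": 3, "name": "Sample Reminder",
  "version": "1.0", "permissions": ["alarms", "notifications", "storage"]}""")
NEW = json.loads("""{"manifest_version": 3, "name": "Sample Reminder",
  "version": "1.1", "permissions": ["alarms", "notifications", "storage", "tabs"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}]}""")

if __name__ == "__main__":
    print("v1.0 broad host access:", audit(OLD)["broad_hosts"])
    print("v1.1 broad host access:", audit(NEW)["broad_hosts"])
    print("added by the update:", new_access(OLD, NEW))
```

A reminder extension has no obvious need for access to every page, so the difference between the two versions is exactly the kind of change the bullet above says should get your attention.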
