MALICIOUS Google Chrome extensions downloaded by more than 80million people have been uncovered by cyber security buffs.
The dodgy tools available through the Chrome Web Store allowed hackers to take over your phone or spam you with ads that tank your gadget’s battery life.
More than 300 harmful extensions were uncovered by AdGuard, which builds a line of ad-blocking and privacy protection software.
The downloads were disguised as ad-blocking tools, games, themes and wallpapers. They have now been removed from the Chrome Web Store.
“You’ll never have to scroll far or spend a lot of time to find scam extensions,” AdGuard wrote in a blog post last week.
“You can always trust Chrome Web Store to bump such extensions to the very top of the list.”
AdGuard discovered the network of fake extensions while researching a series of dodgy ad-blockers.
The network comprised roughly 300 extensions downloaded by 80million people worldwide.
In their blog post, the team reported three tactics used by hackers to swindle unsuspecting users.
One involved injecting ads into Google search results that were riddled with malware.
This has been used by crooks before and can be used to take over your mobile. It has also been known to affect your phone or laptop’s battery life.
A second method used by a portion of the dodgy extensions sets web cookies for users that then funneled affiliate payments back to the hacker.
This was mostly used to make some extra cash but could also have had a negative impact on your battery performance.
Finally, a third approach allowed hackers to remotely change how your phone worked at a moment’s notice.
“They can start doing some shady stuff at any second,” AdGuard said.
Dodgy extensions disguised as legitimate ones are banned by Google and the firm monitors and attempts to keep the Chrome Web Store free of them.
AdGuard reported the extensions found by its team to Google.
The search giant had not removed them from the Chrome Web Store at the time the blog was published on August 4.
However, the company later removed most of them after AdGuard’s research began to appear on news sites, AdGuard said.
A Google spokesperson told The Sun: “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses.”
AdGuard accused Google of setting up lax safeguards for Web Store users.
“These extensions keep occupying top positions in the Store and doing their dark deeds,” researchers wrote.
“Maybe I just need to wait more, like a month? But I’m afraid during that month a couple hundred thousands more users will get hurt.”
The Sun has reached out to Google for comment.
To protect yourself from dodgy Google Chrome extensions, AdGuard provided the following advice:
In other news, an Alexa ‘snooping-blocker’ that jams the microphone of your Echo smart speaker has been developed.
Netflix lovers are being warned about a new email scam claiming to offer a year’s free subscription to the service.
And, Garmin is back online after being targeted by hackers.
Have you come across any dodgy Google Chrome extensions? Let us know in the comments…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? at [email protected]