All products and promotions are independently selected by our experts. To help us provide free impartial advice, we will earn an affiliate commission if you buy something. Click here to learn more
If you're one of the billions who rely on Google Chrome every day, pay close attention.
Cybersecurity experts from Socket have uncovered 108 dodgy browser extensions — small apps that modify how your browser works to offer new functionality — lurking in the official Chrome Web Store, and they've already been downloaded roughly 20,000 times. Many of these fake versions have been hiding in plain sight.
Some have posed as clients for the popular encrypted chat app Telegram, while others pretend to be slot machine games, and a few claimed to help translate text or boost your YouTube experience. But behind the scenes, every single one was quietly siphoning off your personal information and sending it to hackers.
A total of 54 fraudulent extensions were found to be after your Google account details
| GOOGLEOut of the 108 fraudulent extensions, 54 were designed to pilfer your Google Account details.
If you clicked on these extensions to sign-in, these dodgy apps stole your email address, real name, profile picture, and account ID by leveraging a tool called OAuth2 – a system that lets apps access your Google info.
The Telegram-targeting ones are particularly sneaky. They extract your login session data every 15 seconds, giving criminals constant access to your private messages and contacts.
Another 45 extensions were found to contain hidden backdoors that could open any website the attackers wanted the moment you launched your browser – no clicking required from you.
While nobody's confirmed exactly who's behind the latest scam attempt, researchers at Socket believe the evidence points towards a Russian malware-as-a-service operation
| UNSPLASHResearchers from Socket managed to trace all 108 extensions back to a single command-and-control server – essentially one central hub controlling the entire operation.
The criminals tried to cover their tracks by publishing the extensions under five different fake developer names, including Yana Project, GameGen, SideGames, Rodeo Games, and InterAlt.
However, investigators spotted Russian-language comments scattered throughout several of the add-ons. While nobody's confirmed exactly who's behind this, Socket believes the evidence points towards a Russian malware-as-a-service operation.
If you've installed any of these extensions, you'll want to act quickly to remove them.
VPN service provider ExpressVPN has published steps to have faulty Chrome extensions removed in a blog post. Follow these steps to remove an extension:
- Open Chrome and click the three-dot menu (top right).
- Select Extensions > Manage Extensions
- Find the extension you want removed, click Remove, and then confirm
LATEST DEVELOPMENTS
If you have a Telegram-related extension, you'll need to open your Telegram mobile app, find the Devices section, and log out of all your web sessions immediately — attackers may already have access to your conversations.
And if you signed into Google through any of these dodgy tools, it's best practice to treat your account as potentially compromised. You'll need to add in your Google account settings and revoke access for any third-party apps you don't recognise.
Going forward, you can also take preventive measures by installing one of the best VPN deals on your devices.
ExpressVPN offers 4 months free to protect your online activity
With its new multi-tier subscription structure, ExpressVPN has never been more affordable
If you want to unlock the ExpressVPN Basic plan, which offers unlimited access to its award-winning reliable and ludicrously speedy VPN servers across the globe, it has cut monthly subscriptions by 80%.
If you sign up for a 12-month plan, you'll be gifted with a generous 4 months of access to the award-winning VPN service for free. That equates to under 6 pence per day!
What is a VPN?
VPN stands for Virtual Private Network.
It's an application that encrypts and anonymises everything you do online — bolstering your privacy, hiding your location, and stopping advertisers, trackers, and even governments from keeping tabs on you.
VPNs are widely used by businesses to keep proprietary data safe from prying eyes. Whistle-blowers and journalists also rely on these apps to shield sensitive information. And now, VPNs are fast becoming an essential tool for everyone with a smartphone, laptop, desktop PC, streaming set-top box, or tablet.
A Virtual Private Network (VPN) is software that protects and anonymises everything you do online. | UNSPLASH Why should you install a VPN extension like ExpressVPN?
Most VPN extensions only encrypt your browser traffic, while a full VPN app encrypts all traffic from your device. However, unlike most Chrome extensions, ExpressVPN’s extension is linked to the full app and protects your entire device, including your browser.
While most websites now use HTTPS (HyperText Transfer Protocol Secure), which ensures everything you do on webpages is confidential, some websites can occasionally omit this vital protection.
But using a VPN app will ensure that every bit of information and data is protected at all times, even if a website isn’t completely safe.