An action as innocent as installing a series of extensions in our favorite browser, such as Chrome, can end up destroying all the security we have on the computer.
And now three malicious extensions Chrome that posed as a VPN, have managed to infect 1.5 million computers and among other things can hijack the browser of infected computers.
This has been discovered by cybersecurity researchers from ReasonLabs, who claim that these malicious extensions have been spreading through a hidden installer in pirated copies of popular video games such as GTA or The Sims 4, among others.
Although Google has already removed these three extensions from the Chrome Web Store, previously they had already been downloaded 1.5 million times.
The malicious netPlus VPN extension was downloaded 1 million times, while netSave and netWin had 500,000 installations.
This hidden installer was found in different torrents and their installation is automatic and forced.
These malicious extensions make use of a realistic VPN user interface, with even a subscription option to appear a sense of authenticity.
These malicious extensions can also execute scripts through the API off-screen and are capable of stealing sensitive user data, performing browser hijacks, manipulating web requests, or even disabling other installed expressions.
This issue highlights the low level of security associated with browser extensions like Chrome, so you should try to only use extensions from well-known companies or those with millions of installations.
