1.3 mn users faced browser extension threats in H1 of 2022: Researchers

Cyber-security researchers said on Thursday that more than 1.3 million users were affected by threats hiding in browser extensions in the first half of 2022.

The figure is over 70 per cent of the number of users affected by the same threat throughout 2021.

Kaspersky researchers analysed what risks innocent-looking browser extensions pose to users and the activities of cybercriminals hiding threats under add-ons.

Mimicking popular apps such as Google Translator or extensions with useful functionality like PDF Converter or Video Downloader, threats in browser extensions can insert advertisements, collect data about users’ browsing histories and even search for login credentials.

“Even browser extensions that do not carry a malicious payload can be dangerous. For example, when the developers of these add-ons sell gathered user data to other companies, potentially exposing their data to someone who was not supposed to see it,” said Anton Ivanov, senior security researcher.


The most prominent threat spread under the guise of browser extensions has been adware — unwanted software designed to throw advertisements up on the screen.

Such advertisements are usually based on the browsing history to catch users’ interest, embed banners in web pages or to redirect them to affiliate pages that the developers can earn money from, instead of legitimate search engine ads.

From January 2020 to June 2022, Kaspersky experts observed more than 4.3 million unique users faced adware hiding in browser extensions, which means approximately 70 per cent of all affected users have encountered this threat.

Adware can track everything the user searches for and then promote these products with affiliate ads on search engine

In 2020, Google removed 106 malicious browser extensions from its Chrome Web Store.

In total, these malicious extensions were downloaded 32 million times, putting the data of millions of users at risk.

“However, this does not happen often, the main way malicious add-ons are distributed is through third-party resources, said the report.



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Originally appeared on: TheSpuzz