Warning issued to 3,200,000 Google Chrome users over dangerous hacking scam

Hackers are having success with 16 Google Chrome extensions

A warning has been issued to more than 3.2 million people who use Google Chrome every day over a dangerous hacking scam involving the popular web browser.

Whether it be for work purposes or for browsing the web, millions across the globe use Chrome for hours a day on desktop and mobile. And those who use the browser should be aware of a warning about 16 different browser extensions that have been compromised by hackers.

The list of extensions being impacted include Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome and YouTube Picture in Picture and Mike Adblock for Chrome, Super Dark Mode and Emoji Keyboard Emojis for Chrome, as per the Daily Mail.

Meanwhile, Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, Wistia Video Downloader, Adblocker for Chrome and Adblock for You are also said to be influenced by hackers.

First time commercial astronauts have completed a spacewalk from a commercial spacecraft’

A warning has been issued to Google Chrome users (Getty Stock Photo)

GitLab Threat Intelligence, who uncovered the dodgy scheme, stated on their website: “We identified a cluster of at least 16 malicious Chrome extensions used to inject code into browsers to facilitate advertising and search engine optimization fraud.

“The extensions span diverse functionality including screen capture, ad blocking and emoji keyboards and impact at least 3.2 million users.

“The threat actor uses a complex multistage attack to degrade the security of users’ browsers and then inject content, traversing browser security boundaries and hiding malicious code outside of extensions. We have only been able to partly reproduce the threat actor’s attack chain.”

The team of computer experts noted that while these extensions have been deleted from the Web Store, those who already have any of them downloaded will need to delete them manually to steer clear of the hackers.

“The threat actor may also be associated with phishing kit development or distribution. The malicious extensions present a risk of sensitive information leakage or initial access,” GitLab Threat Intelligence added on their site.

Hackers are targeting 16 extensions (Jaap Arriens/NurPhoto via Getty Images)

Cybercriminals are seemingly using all the right tricks to take advantage of innocent web users, with them receiving targeting Gmail users.

Spencer Starkey, a vice-president at SonicWall, has stated companies such as Google need to be on their toes to ensure their users are safe.

He said: “Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats.

“This requires a proactive and flexible approach to cybersecurity, which includes regular security assessments, threat intelligence, vulnerability management, and incident response planning.”