A malicious code infected nearly three million users that targeted Edge and Chrome extensions. These extensions contained the code and could execute operations like redirecting the user traffic to phishing sites and ads. The malware also had the power to gather data such as email addresses, birth dates, active devices as well as browser history. However, Avast states that despite the power of the code, the goal of the campaign might have been to hijack user traffic.
More than 13 million users installed 13 edge and 15 Chrome extensions containing malware
Avast researchers found 28 extensions for Microsoft Edge and Google Chrome that contained malware. The add-on was billed as a solution to acquire movies, footage, and other websites content. The material from sites also include those with Spotify, Facebook, Vimeo, and Instagram. Some of the extensions that had the malicious code and threatened cyber security are as follows:
- Stories for Instagram
- Universal Video Downloader
- Vimeo™ Video Downloader
- Video Downloader for YouTube
- Volume Controller
According to the company, cyber criminals would receive payment for every redirection into a third party domain. Avast Antivirus also said that some of these dangerous extensions might have been active from 2018.