Many Chrome and Edge browser extensions are infected with malware and affecting users around the world.
According to the Avast threat researcher, many third-party browser extensions for services like Facebook, Instagram, and Vimeo are infected with several types of malware. They found the above malware in 28+ extensions for Google Chrome and Microsoft Edge.
Since these are quite popular extensions associated with major platforms like Facebook and Instagram, Avast announces that no less than 3 million users have installed them on their browsers. Most of these add-ons are designed to help users download videos from popular websites like Facebook and Video, which is a fairly essential need of social media users, so exploiting attacks also becomes easier.
Since extensions are designed for use by browsers and not a specific operating system, they have a greater chance of infecting more people. The Avast security team also added that the malware program will use JavaScript code or other backdoor vulnerabilities to download malware and install them on the computer. Of course, later malware aggregation will harm the security and privacy of the device, and users have reported being manipulated by their internet experience by these add-ons as if they were exposed to Strange URLs and phishing pages when they click on links that look normal.
Avast believes attackers are being paid per user they redirect to a malicious website. The company also publishes a list of malicious extensions that you should uninstall immediately, which can be found at https://press.avast.com/third-party-browser- extensions-from-instagram-facebook-vimeo-and-others-infected-with-malware.