"Fake VPN Chrome Extensions Force-Installed 1.5 Million Times"

Security researchers at ReasonLabs have discovered that three malicious Chrome extensions posing as VPNs were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers.  The researchers noted that the malicious extensions are spread via an installer hidden in pirated copies of popular video games like Grand Theft Auto, Assassins Creed, and The Sims 4, which are distributed from torrent sites.  The researchers notified Google of its findings, and the tech giant removed the offending extensions from the Chrome Web Store.  Specifically, the malicious extensions were netPlus (1 million installs), netSave, and netWin (500,000 installs).  The researchers stated that the most infections are in Russia and countries like Ukraine, Kazakhstan, and Belarus, so the campaign appears to target Russian-speaking users.

 

BleepingComputer reports: "Fake VPN Chrome Extensions Force-Installed 1.5 Million Times"

Submitted by Adam Ekwall on