"Google Removes 500+ Malicious Chrome Extensions From the Web Store"

More than 500 malicious Chrome extensions were recently removed from Google's Web Store. An investigation conducted by security researcher Jamila Kaya and Cisco's Duo security found that the extensions injected malicious ads (malvertising) in millions of Chrome installs. The code injected by the extensions redirected users to a site at which malware is downloaded or a phishing page. In other cases, users were redirected to legitimate sites such as Macy's, Dell, or Best Buy. According to a report released by Duo Security, the extensions were related to a larger malware operation, found to be active for about two years. Google has responded to this discovery by banning the malicious extensions from its official Web Store, deactivating the extensions inside every user's browser, and marking each extension as "malicious" so that users can remove and avoid reactivating them. This article continues to discuss the discovery of the malicious Google Chrome extensions, how Google has responded, and past findings surrounding harmful Chrome extensions.

ZDNet reports "Google Removes 500+ Malicious Chrome Extensions From the Web Store"