Latest news with #ChromeWebStore


Forbes
2 days ago
Delete All Google Chrome Extensions That Are On This List
Chrome warnings are again in the news this week, with Google confirming active attacks and issuing an emergency update for 3 billion users. The company also confirmed it had mitigated this threat by silently pushing out a config change to all users last week. Now a new warning from the team at LayerX has outed a silent threat of a very different kind. A 'network of malicious sleeper agent extensions' that seem 'to have all been developed by the same person or group, waiting for their 'marching order' to execute malicious code on unsuspecting users' computers.' LayerX joined the dots and flagged these specific extensions based on common code patterns, the same remote code execution to frustrate detection, and leveraging known malicious domains to carry out attacks. 'Capabilities that do not appear to have any legitimate use in relation to the supposed function of the extensions.' Thus far, four extensions have made this new naughty list — all of which 'seem to be focused on in-browser sound management' and all of which 'try to demonstrate legitimate functionality.' Critically, LayerX also warns that it is 'currently investigating several additional extensions that appear to be linked to this campaign.' This is the initial list of extensions to delete: As with other extension warnings seen in recent months, all those flagged by LayerX 'are still currently available on the Chrome Store.' I have reached out to Google for its view on these extensions and whether they will remain available on its store. It seems at least some of the extensions should have been removed already — clearly a requirement for tighter restrictions before extensions are made available to users. 'The extension 'Examine source code of Volume Max — Ultimate Sound Booster', with over one million downloads, has already been flagged by several [security] vendors. However, it was not removed from the Chrome Web Store.'
While you should delete these extensions, they have been dubbed 'sleepers' because no malicious activity is yet underway. This is the threat potential given commonalities despite seemingly different developers, and those links to malicious domains. 'This type of 'sleeper' extension network,' LayerX warns, 'can serve as a substitute for traditional botnets. While building up botnets (usually on exposed IoT devices) can be slow, technically complex, and cumbersome, developing a network of malicious browser extensions is much simpler, and can provide direct access to key user identity information such as cookies, passwords, browsing data, and browsing content.' As users have been warned multiple times recently, extensions are a huge vulnerability when it comes to Chrome. A vast number of its users install at least one extension, both at home and at work, yet 'anyone can upload an extension, and it's virtually impossible to trace back the people behind these extensions.'


Techday NZ
30-05-2025
Experts warn of surge in Google, Apple, Microsoft breaches
Cybersecurity experts are raising alarm over a significant campaign targeting users through the Google Chrome Web Store, as well as the discovery of a vast database containing hundreds of millions of stolen log-in credentials. The recent developments underscore rising risks associated with browser extensions and the continuing vulnerabilities in digital identity platforms. "A Google Chrome Web Store campaign is using over 100 malicious browsers that mimic tools like VPNs, AI assistants, and crypto utilities to steal cookies and execute remote scripts secretly. Though Google has removed many extensions identified, some still remain on the Web Store," said Andrew Costis, Engineering Manager of the Adversary Research Team at AttackIQ. "The campaign relies on malvertising strategies to trick users into clicking buttons that link to malicious browser extensions. The extensions connect the victim to the threat actor's infrastructure, allowing information to be stolen, as well as modifying network traffic to deliver ads, perform redirections, or serve as a proxy. "With some of these extensions still active on the Chrome Web Store, it is essential that individuals and organizations take appropriate precautions. Knowledge is key -- users should only trust proven, reputable publishers and familiarize themselves with lure website domains. Additionally, organizations should implement adversarial exposure validation tools to ensure their security systems are tested against malicious browser campaigns." The campaign's persistence highlights the challenges facing platform operators like Google in completely eradicating malicious content from widely used app stores. With new extensions and techniques emerging regularly, the risk to end users remains ongoing. Meanwhile, cybersecurity concerns have been exacerbated by the discovery of a database containing an estimated 184 million records of stolen log-in credentials. 
The database reportedly contains detailed access information for popular services, including Apple, Microsoft, Google, Facebook, Instagram, Snapchat, as well as various banking, healthcare, and government platforms across numerous countries. "What's most noteworthy is how this breach highlights the immense value of centralized identity platforms like Google, Okta, Apple and Meta to attackers. With over 184 million records exposed, threat actors can now launch widespread account takeover attempts across countless SaaS applications and cloud services that rely on these providers for authentication," said Cory Michal, Chief Security Officer at AppOmni. "This is not surprising. Databases like this are regularly bought, sold, and repackaged on dark web forums like BreachForums. Massive credential dumps are part of an ongoing black market where breached data is commoditized and often aggregated from multiple incidents over time. What's new isn't the existence of the data, but the scale, the recency of some credentials, and the targeting of identity providers that are widely used to access SaaS and cloud services—making this breach especially potent for enabling downstream account takeovers. "This breach calls attention to a bigger issue. We increasingly run our personal and professional lives through online platforms and SaaS products, yet our digital identities are still largely protected by outdated, vulnerable methods like usernames, passwords, and easily phishable MFA methods. As long as these remain the primary means of access, attackers will continue to exploit them at scale with infostealer malware and phishing. This highlights the urgent need for adoption of stronger, phishing-resistant authentication methods, continuous identity monitoring, and a shift toward identity-centric security models. "It also reinforces the need for organizations to adopt an identity-centric security posture and monitor for malicious activity even when logins appear legitimate.
In today's SaaS driven environments, users and systems authenticate from anywhere, often using federated identity providers like Apple, Google, and Meta. This makes identity a primary control point for security." Both incidents reveal the critical need for vigilance and adaptation in security practices, as threat actors continue to exploit outdated habits and overlooked vulnerabilities with increasing effectiveness and reach.


Forbes
25-05-2025
Never Use These 100 Websites With Google Chrome
A serious new warning for Google Chrome users this week, with the release of a list of websites you must never use. There's a twist though. These websites hide behind major brands and trick you into installing dangerous malware. The tell is simple though — so while the list of websites is linked below, there's an easier way to stay safe. With Chrome users already facing a critical update warning, DomainTools found more than 100 websites [listed here on Github] 'masquerading as legitimate services, productivity tools, ad and media creation or analysis assistants, VPNs, Crypto, banking and more.' Each website includes a Get Chrome Extension or Add to Chrome button. DomainTools warns that while the extensions correspond to ones on Google's Chrome Web Store (CWS), these 'typically have a dual functionality, in which they generally appear to function as intended, but also connect to malicious servers to send user data, receive commands, and execute arbitrary code.' DomainTools has examples of fake DeepSeek, YouTube, Flight Radar, Calendly and VPN websites and extensions as lures. Extensions partially work, but are 'configured with excessive permissions to interact with every site the browser visits and retrieve and execute arbitrary code from a network of other actor controlled domains.' Unsurprisingly, the hosting infrastructure is common across the campaign. While mimicking DeepSeek and YouTube is simple brand hijacking, fake VPN extensions as a means to attack Chrome users is beyond ironic. These VPN extensions 'connect to a malicious backend client [to] listen for commands.' When instructed, the extension 'uses to retrieve all browser cookies.' It can even inject scripts into open Chrome tabs to run its own malicious code. DomainTools says these attacks have been more than a year in the making.
'This malicious actor has deployed over 100 fake websites and malicious Chrome extensions with dual functionalities. Analysis revealed these extensions can execute arbitrary code from attacker-controlled servers on all visited websites, enabling credential theft, session hijacking, ad injection, malicious redirects, traffic manipulation, and phishing via DOM manipulation. Some extensions were also observed attempting to steal all browser cookies, which may lead to account compromises.' While the Chrome Web Store 'has removed multiple of the actor's malicious extensions after malware identification,' DomainTools warns 'the time lag in detection and removal pose a threat to users seeking productivity tools and browser enhancements.' To stay safe, check carefully before installing extensions. While that means using official stores, it also means checking names and reviews carefully and ensuring developers behind those extensions have been verified. Such add-on software is a well-proven vulnerability with Chrome, and 'vigilance is key to avoiding these threats.' Most of the API domains identified by DomainTools as being part of this attack have a .TOP top level domain. Yet another warning to see .TOP as high risk at all times.

Associated Press
15-05-2025
SlowBlink Maine Coons Launches AI-Powered Maine Coon Color Calculator Chrome Extension
Vancouver, Canada, May 15, 2025 -- SlowBlink Maine Coons is excited to announce the release of its free Maine Coon Cat Color Calculator, now available as a convenient Chrome browser extension. This innovative tool enables breeders, cat owners, and enthusiasts to accurately predict the coat colors of Maine Coon kittens based on the genetics of the parents. The Maine Coon Cat Color Calculator leverages an experimental AI-powered engine that analyzes over 200,000 Maine Coon pedigrees to deliver precise predictions. By inputting the EMS (Easy Mind System) color codes of the sire and dam, users receive detailed forecasts of potential offspring colors. The extension also includes comprehensive documentation explaining all Maine Coon EMS color codes, making complex genetics accessible to users of all experience levels. Designed to streamline the color prediction process, the Chrome extension reduces the number of clicks required and provides instant access to calculations on any webpage, at any time. This feature makes it ideal for breeders working across multiple platforms or websites, improving workflow efficiency and decision-making. While the calculator covers a broad range of Maine Coon coat colors, it does not account for rare genetic anomalies. The focus remains on the most common and recognized color patterns to ensure accuracy and reliability. Maine Coons are celebrated for their diverse and striking coat colors, and this tool supports responsible breeding practices by helping users plan litters with greater genetic insight. By offering the calculator as a free Chrome extension, SlowBlink Maine Coons aims to make advanced genetic tools widely accessible to the Maine Coon community. The Maine Coon Cat Color Calculator Chrome extension can be downloaded for free from the Chrome Web Store, providing an easy-to-use, on-the-go resource for anyone interested in Maine Coon genetics. 
About SlowBlink Maine Coons SlowBlink Maine Coons is a family-owned and BBB® Accredited Maine Coon cattery based in British Columbia, Canada, recognized by TICA as an Outstanding Cattery and honored with CFA's prestigious Cattery of Excellence award. Specializing in European lines, SlowBlink is dedicated to breeding healthy, genetically diverse, and well-socialized Maine Coon cats that meet breed standards while maintaining their wild-looking, majestic appearance. Known for producing kittens with regal looks, massive polydactyl paws, and luxurious coats, SlowBlink raises each cat as a cherished family member, ensuring affectionate temperaments and lifelong well-being. The cattery combines traditional breeding expertise with modern genetic insights and health protocols, including DNA testing, vaccinations, and lifetime support for all cats. Located in the Greater Vancouver Area and Vancouver Island, SlowBlink offers free local delivery and arranges shipping across Canada, the USA, and internationally. Through innovation and transparency, SlowBlink Maine Coons is committed to supporting the Maine Coon community by providing educational resources and tools such as the new Maine Coon Cat Color Calculator Chrome extension. Contact Info: Name: Mia Wiens Organization: SlowBlink Maine Coons Phone: +17788749866 Release ID: 89160124

Yahoo
24-04-2025
OpenAI says it would be happy to scoop up Google's Chrome if Alphabet is forced to sell the world's most popular web browser
OpenAI's head of ChatGPT testified in Google's antitrust case that the company would be interested in buying the Chrome web browser if Alphabet is forced to spin it off. OpenAI has its own search product but has struggled with distribution; access to Chrome's reach would be a boon for the company. OpenAI's head of ChatGPT said the company would happily scoop up Chrome if it were spun off from Google as part of its ongoing antitrust suit. Nick Turley, the ChatGPT chief, made his company's intentions clear during his testimony as part of a three-week-long trial to determine how Google must change its business after it was deemed a search monopolist by a federal judge. 'Yes, we would, as would many other parties,' Turley said in his testimony, responding to a question about whether OpenAI would consider buying Google Chrome, Bloomberg reported. As of now, ChatGPT search is available as a browser extension on Chrome, but if ChatGPT were fully integrated into the web browser, 'you could offer a really incredible experience,' Turley added. In October, OpenAI released ChatGPT search, which blends the natural language of the LLM with the search functionality of a search engine like Google. ChatGPT search has 3 million users, according to the Chrome Web Store. Meanwhile, ChatGPT's regular app on the Apple App Store was the most-downloaded app globally in March with 46 million downloads, TechCrunch reported. Breaking into search is tough, as Google controls about 90% of the U.S. internet search market. OpenAI has also run into the pitfalls of trying to distribute its products within the walled gardens built by Apple and Google. OpenAI has already struck a deal with Apple to integrate ChatGPT into the company's flagship iPhone. But it hasn't been able to reach agreements with Android smartphone makers. Since January, Google has been paying to preinstall its AI model, Gemini, on Samsung phones, Bloomberg reported. 
Turley said ChatGPT hasn't been able to strike a deal with Samsung because Google can outspend OpenAI. ChatGPT's powerful competitors 'control the access points for how people discover products, including our product. People discover via a browser or via an app store,' Turley said. Buying Chrome would be a boon for ChatGPT's distribution, noted Brian Jackson, principal research director at Info-Tech Research Group. 'Owning Chrome, the most popular web browser globally, would instantly give it a huge customer footprint,' Jackson told Fortune. 'In addition, it'd have new opportunities to harvest data from browser interactions, and it would effectively fend off Google's marketplace advantage for Gemini.' Although it's unclear if Google Chrome will be spun off at all, OpenAI is already looking beyond its partnership with Microsoft to improve its product, Turley said. Another remedy being considered by the court is to force Google to share its search index with rivals, a move that could turbocharge OpenAI's own efforts to improve its search product. During his testimony, Turley said OpenAI's ambition is to make a 'super assistant' that would help users with tasks, but search capability is fundamental to helping the product provide accurate answers based on real-time information. Without referring to it directly, Turley said ChatGPT found 'significant quality issues' with Microsoft Bing's search information, which it has access to as part of its partnership with Microsoft. Microsoft did not immediately respond to Fortune's request for comment. Representatives for Google verbally declined to give OpenAI access to its search index, even after striking a similar deal with Meta for its AI products. Turley said having access to that data would be a game changer for OpenAI. 'Having access to the data that underlies Google's index, the content or signals, would accelerate the development of our own index,' he said. 
This story was originally featured on