280 million Chrome browser users infected with malware via extensions

Recently, Stanford University and the CISPA Helmholtz Center for Information Security published a study showing that more than 346 million users installed malicious extensions between July 2020 and February 2023. After deducting 66 million failed installations due to policy violations and errors, the research team estimated that there were still 280 million installations containing malware.

The researchers collected the data by parsing each extension's *.json declaration file. These files were then broken down into Application Programming Interface (API) access requests such as storage, cookies, and hosts such as URLs or URL patterns.

“It is not surprising that extensions tend to request more permissions than they need. The more permissions an extension has, the greater the attack surface,” the team said.

Not only that, the report also pointed out the worrying thing that extensions containing malicious software often have an average lifespan of up to 380 days before being detected and removed. According to Forbes , existing too long on the browser makes the risk of data being stolen even greater, and in greater quantity.

Additionally, the research team said that as of May 2024, nearly 1% of all Chrome extension installs contained malware. According to Google statistics, more than 250,000 extensions are available in the Chrome web store, more than any other browser.

Google also recommends four steps users can take to reduce the risk of downloading malware: Review the information an extension collects before installing it; uninstall extensions they no longer use; limit the websites an extension can work on; and enable Enhanced Protection when browsing if necessary.

According to Statcounter, as of May 2024, Chrome is still the dominant browser with more than 3.2 billion users. On computers, the browser has a market share of 64.87%, far ahead of the next two positions, Microsoft Edge with 13.14% and Safari with 8.79%. On mobile devices, Chrome accounts for 65.94%, Safari is second with 23.47% and Samsung Internet with 4.43%.

Beware of new malware impersonating Google Chrome to trick and steal information In addition to warning about 5 online scams, this week the Department of Information Security (Ministry of Information and Communications) also advised people to be wary of new malware called 'Mamont', impersonating Google Chrome to trick and steal information.