CHINA TOPIX

12/22/2024 05:51:42 pm

Make CT Your Homepage

10% of Chrome Extensions Might Be Malware

Computer science experts from the University of California, Berkeley, San Diego and Santa Barbara campuses found that out of the 48,332 extensions of Google Chrome, 4,712 were suspicious and 130 were identified as seriously malicious.

The team will present their findings at the USENIX Security Symposium in San Diego on Thursday.

Like Us on Facebook

The experts also created software able to detect mischievous activity of Chrome browsers, which they decided to name Hulk.

A wide range of behaviors was displayed by the dangerous Chrome extensions such as generating spam on social media, malicious installations of JavaScript, credential theft and affiliate fraud where consumers are deceived into paying false commissions on bought items.

Although some mischievous extensions are unknown, one received more than 5.5 million downloads, researchers said.

The program developed by the team works in two methods.

In one technique, Hulk generates "HoneyPages" or Web pages specifically created to deceive a malicious extension into showing its bad behavior. A common method used by hackers is to make mischievous Web paged intended to exploit the browser's vulnerabilities and infect computers.

The Hulk program's HoneyPages implement a similar concept but instead of compromising the computer, the program protects it.

The other technique requires a "fuzzer," an automated script built by Hulk that tests each and every Chrome extension installed by giving them over one million bits of random data to determine if they show any peculiar behavior.

The method of fuzzing software with non-specific data is a tried-and-tested technique in reliability testing.

Meanwhile, Internet security experts at Malwarebytes were able to identify a suspicious extension that disguises itself as a legitimate Evernote Web extension for the Chrome, Comodo Dragon and Torch browsers.

Real Time Analytics