At least 28 third-party add-ons for top social media sites, including Facebook and Vimeo, redirect users to phishing sites and steal data.

More than two dozen malicious programs posing as third-party extensions for top social media sites have been downloaded some 3 million times, surreptitiously redirecting users to phishing sites, displaying advertisements, and stealing data, antivirus firm Avast reports. The cybercriminals behind the 28 third-party extensions camouflaged the malicious functionality as a variety of add-on features — such as video downloaders and direct message apps — for social media sites, including Facebook, Instagram, SoundCloud, and Vimeo. The extensions are written in JavaScript, can exfiltrate information on the user, and can download and execute additional malicious code, Avast stated in a report published today. The company found no evidence of the extensions being used as a bridge into corporate networks, but attackers may have the ability to download and inject arbitrary JavaScript into any tab, says Jan Rubín, a malware researcher at Avast. “This could be used to gather credentials and other sensitive corporate data from the websites visited by the victim,” he says. “We are preparing a technical blog post with more technical information and IoCs, but for now, we can…










