Browser Extensions Under Fire: 4 Million Users Affected by Malware – Learn How to Safeguard Yourself
A recent report by Koi Security has revealed a significant malware campaign that has transformed browser extensions on Chrome and Edge into spyware, impacting over 4 million users. This operation, dubbed ShadyPanda, exploited legitimate extensions by gradually introducing harmful features through updates. Microsoft has responded by removing all flagged extensions from its Edge Add-ons store, while Google has also taken action against the malicious extensions on its platform.
Understanding the ShadyPanda Campaign
The ShadyPanda campaign involved a total of 20 extensions on the Chrome Web Store and 125 on Microsoft Edge. Initially, these extensions appeared harmless, with the first ones surfacing in 2018. However, it wasn’t until 2023 that their malicious behavior became evident. Tools masquerading as wallpaper or productivity applications began injecting harmful code into users’ browsers. This operation utilized the browsers’ automatic update systems to deliver malware silently, avoiding traditional phishing tactics or social engineering methods. Koi Security noted that these updates effectively turned trusted extensions into surveillance tools, compromising user privacy without their knowledge.
Malicious Activities of Compromised Extensions
The compromised extensions engaged in various malicious activities, including tracking user behavior and monetizing the collected data. They injected tracking codes into links, redirected search queries, and harvested sensitive information such as browsing history, keystrokes, and cookies. Some updates even included backdoors that allowed remote code execution, granting attackers full access to users’ browsers. This level of access enabled them to monitor visited websites, steal credentials, hijack sessions, and conduct other forms of attacks. Notably, these extensions were designed to conceal their activities, making it difficult for users to detect their malicious behavior, even when accessing developer tools.
Steps to Safeguard Your Online Security
To protect yourself from the threats posed by ShadyPanda, it is crucial to take immediate action. First, remove any suspicious wallpaper or productivity extensions from your browser. Extensions such as Clean Master, WeTab, and Infinity V+ have been identified as particularly problematic. Additionally, resetting passwords for all online accounts is essential; using a password manager can help create strong, unique passwords for each account. Installing antivirus software with browser protection can also aid in detecting malware, spyware, and unsafe websites. Finally, it is advisable to limit the number of extensions you use and thoroughly check reviews and permissions before installing new ones. By practicing careful extension management and maintaining strong online security habits, users can better protect their browsers and personal data from threats like ShadyPanda.
Observer Voice is the one stop site for National, International news, Sports, Editor’s Choice, Art/culture contents, Quotes and much more. We also cover historical contents. Historical contents includes World History, Indian History, and what happened today. The website also covers Entertainment across the India and World.
