Researchers from Stanford University and the Helmholtz Center for Information Security (CISPA) found that 280 million users installed infected Chrome extensions over three years. Also on Google claimsLess than 1% of all installations in the extension repository contain malware, reports TechSpot portal.
According to the CISPA report, from July 2020 to February 2023, approximately 346 million users installed extensions labeled as SNE that could pose threats and contain malware, violate Chrome Web Store policies, or contain vulnerable code. It was noted that 63 million of these facilities did not pose a threat.
Some dangerous extensions remain in the store for a long time. TeleApp, for example, existed for 8.5 years before being removed in June 2022. In total, there are over 250 thousand extensions in the Chrome store.
The researchers also noted that user ratings do not help identify malicious extensions. Users do not give SNE low scores, making them difficult to recognize. Positive comments are probably left by bots, but half of SNE has no comments at all.
Google says its security team provides users with personalized summaries of installed extensions, verifies them before publishing them, and provides ongoing monitoring. However, researchers point out that inadequate monitoring allowed dangerous extensions to remain in the store after vulnerabilities were discovered.
Previously reportedApple discovered a secret laboratory among residential buildings.
What are you thinking?
Source: Gazeta

Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.