Protect Your Data: Malicious Browser Extensions Infecting Chrome and Edge

According to the latest reports, hackers are using malicious browser extensions to target Google Chrome and Microsoft Edge users. They have been deploying dangerous malware that compromises personal data and leaves systems vulnerable to further attacks. This malware campaign, active since 2021, has affected at least 300,000 users to date.

What sets this malware apart is its ability to persist on vulnerable PCs. Even if you manage to delete the malicious extension, the malware will reactivate itself the next time your computer is restarted. Isn't it shocking? It is crucial to clean your system completely to protect your data.

The Malvertising Menace

The hackers have used malvertising, with fake sites that imitate popular software and services such as Roblox FPS Unlocker, YouTube, VLC media player, Steam, or KeePass. So, you need to be vigilant while downloading any software or extension. Otherwise, you may be tricked into installing a trojan that sets the stage for the malware attack.

Additionally, the campaign employs digitally signed malicious installers that register a scheduled task on vulnerable PCs. This task executes a PowerShell script, which downloads and executes further payloads from a hacker-controlled server. These payloads alter the Windows Registry to force the installation of Chrome and Edge extensions, which are used for ad fraud by hijacking web searches on Google and Bing.

Steps to Remove the Malware

1. Remove the Scheduled Task:

  • Open the Task Scheduler by searching for it in the Start Menu.
  • Click on the Task Scheduler Library, and identify the malicious task by checking the Actions tab for a PowerShell script or a file ending with ".ps1".
  • Once found, right-click on the task name and select Delete.

2. Edit the Registry Keys:

  • Open the Registry Editor by searching for it in the Start Menu.
  • Navigate to "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist" and delete the suspicious extensions.
  • Repeat the process for "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Google\Chrome\ExtensionInstallForcelist" and the corresponding Edge path.
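
To review both places from one elevated PowerShell window before deleting anything, the read-only audit below lists scheduled tasks that launch PowerShell or a ".ps1" file and every extension forced through the policy keys named above. It is an added example, not part of the original report; the two Edge key paths are an assumption (the standard Edge policy location), since the steps above only mention "the corresponding Edge path".

```powershell
# Added example: read-only audit of the two persistence points in the steps above.
# Run from an elevated PowerShell prompt. Nothing is changed or deleted.

# Step 1: scheduled tasks whose action runs PowerShell or a .ps1 file.
$suspectTasks = Get-ScheduledTask | ForEach-Object {
    $task = $_
    foreach ($action in $task.Actions) {
        # Only "exec" actions have Execute/Arguments; other types yield an empty string.
        $cmd = "$($action.Execute) $($action.Arguments)".Trim()
        if ($cmd -match 'powershell|\.ps1') {
            [pscustomobject]@{
                TaskPath = $task.TaskPath
                TaskName = $task.TaskName
                Author   = $task.Author
                Command  = $cmd
            }
        }
    }
}
$suspectTasks | Format-List

# Step 2: extensions force-installed by policy.
$forcelistKeys = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist'
    'HKLM:\SOFTWARE\WOW6432Node\Policies\Google\Chrome\ExtensionInstallForcelist'
    # Assumption: standard Edge policy keys; the article does not spell them out.
    'HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallForcelist'
    'HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\Edge\ExtensionInstallForcelist'
)

$forcedExtensions = foreach ($key in $forcelistKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }   # key absent: nothing forced here
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        # Each value has the form "<extension id>[;<update URL>]".
        $id, $updateUrl = ([string]$item.GetValue($name)) -split ';', 2
        [pscustomobject]@{
            Key         = $key
            ValueName   = $name
            ExtensionId = $id
            UpdateUrl   = $updateUrl
        }
    }
}
$forcedExtensions | Format-Table -AutoSize -Wrap
```

Legitimate tasks also run PowerShell, so check each listed command before deleting its task. On a PC that is not managed by an organization, any extension listed in the second table deserves a close look.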

Antivirus Software: Your Best Defense

Manual removal is possible, but you should also use one of the best antivirus software solutions for thorough and safe removal. Try to download new software or browser extensions from the official Chrome Web Store or Microsoft Edge Add-on Store to mitigate the risk of malware infections.

By following these steps, you can protect your personal data and maintain a secure browsing experience.


Laiba Mohsin

Laiba is an Electrical Engineer seeking a placement to gain hands-on experience in relevant areas of telecommunications. She likes to write about tech and gadgets. She loves shopping, traveling and exploring things.
