New Polymorphic Chrome extensions fake others to steal your data

[harlan4096]

We have seen our fair share of malicious Chrome extensions in the past 17 or so years since Google released the initial version of its browser. From fake VPN extensions and outright malicious extensions to sophisticated session replay malware.

This is what happened: a new malicious type of extension, called polymorphic extension, is currently used to attack users in the wild.

What is a polymorphic extension? A malicious extension that fakes the icon and behavior of other extensions to steal user data.

Polymorphic extensions behave like legitimate extensions on first glance. They look like harmless extensions that provide some functionality. Their true purpose is to fake other extensions installed in the user's browser to steal data.

Continue Reading...