During the past month, several developers of popular extensions for Chrome have been subjected to cyberattacks. Attackers managed to get access to the Chrome Web Store developers and introduce malicious functionality into extensions to the popular browser.

Two weeks ago there was the first incident with the breaking of the account in the Chrome Web Store and the code substitution for the CopyFish extension. Attackers used this extension to send spam. Two days after the incident, another popular extension was changed - Web Developer. Attackers built in the display of ads in browsers more than 1 million users.

Experts from Proofpoint decided to analyze the functionality of other popular extensions to Google Chrome in search of an unauthorized code change. During the research, several more compromised popular extensions were discovered. Thus, the list of detected extensions with malicious code looks like this:.

-Web Developer (0.

9) -Chrometana (1. 3) -Infinity New Tab (3. 12. 3) -CopyFish (2. 5) -Web Paint (1. 1) -Social Fixer (20. 1) Experts believe that in the same way in June this year, the TouchVPN and Betternet VPN extensions were compromised. In total, malicious extensions were installed on 4.1 million computers.

All users of the Google Chrome browser are encouraged to check their browsers for the presence of the above-mentioned extensions and delete them in case of detection.