Carried out by security experts and Google, the project analysed more than 100 million visits to the search giant’s sites.
It led to Google purging almost 200 bad extensions from its online catalogues of browser add-ons.
Many of these extensions have hidden extras that cause trouble for people who install them, said UC Santa Barbara computer scientist Alexandros Kapravelos, who worked with Google on the rogue extensions project.
[Our emphasis] The research found that malicious extensions were available for every major browser.
Some bad extensions were easy to spot, he said, because they were so obviously written to steal saleable data such as bitcoins, bank logins or personal data.
However, many used techniques seen in legitimate extensions, he said, and it took a lot of extra analysis to pin down the bad ones.
Read the Complete Article