Three Chrome extensions launched as VPNs to control the browser and access user data | technology

A group of researchers has discovered three malicious Chrome extensions that pretend to be virtual private networks (VPNs) in the Google Store and have the ability to control browsers and access their information.

Look: This is how you can protect your personal information from potential cell phone theft

Experts from the reason They identify these add-ons as netPlus, which logs over a million installs between both browsers, and netSave and netWin, which together add up to 500,000 downloads.

These malicious extensions are distributed via thousands of compressed files Listed in “torrents” Popular video games like Assasins Creed, Grand Theft Auto (GTA) or The Sims 4 are available on download pages.

Once this download file is unzipped, the extensions are forcibly installed in the user's browser as if they were VPN applications being used It is a sophisticated method that completes the installation process without the user's knowledge No need for your approval.

The cybersecurity company commented that the JavaScript code for these extensions contains more than 20,000 lines of codeThanks to this, he was able to verify that they were not only fake VPNs, but that they also had access to browser configuration data.

In this way, malicious applications can recognize and control system information, as well as process and approve access requests or disable other browser plug-ins.

It should be noted that ReasonLabs has identified these extensions as being of Russian origin and that Most of those affected come from RussiaUkraine, Kazakhstan, Belarus and Pakistan, among others. Likewise, it is important to note that Google has already removed these extensions from the Chrome Store.

Legal sources and VPNs

Finally, the cybersecurity company mentioned various measures so that users can protect themselves from cyber threats derived from hacking, such as using legal and legitimate sources to access content. This is the case of official app stores or Recognized purchasing platforms.

Look: Infinite “scrolling”: “Fentanyl” for social networks?

It is also recommended to install antivirus software and be wary of suspicious websites, which generally offer free and unauthorized content. It doesn't hurt to use legitimate VPNs either – without going any further, Google One includes a VPN service – which Encrypt your Internet connection Providing an additional layer of security and anonymity.

It is important to avoid clicking on unknown links or pop-ups, which can be initiated Download malware On the device, in addition to enabling two-factor authentication (2FA).