Millions at risk of malicious browser extensions

BleepingComputer reports that malicious browser extensions have targeted nearly 7 million users between January 2022 and June 2022, with adware extensions accounting for almost 70% of all malicious extensions during the same period. WebSearch, which spoofs document merging utilities, file converters, and other productivity tools, was the most prevalent adware extension during the first six months of 2022, having targeted 876,924 users, according to a report from Kaspersky. Researchers found that aside from tracking users' browsing activity for profiling, the extension also sets the home page of victims' browsers to AliExpress or Farfetch in an effort to collect more funds. The report also showed AddScript and DealPly as the second and third most popular adware extensions, having targeted 156,698 and 97,525 users, respectively, during the first half of this year. AddScript has been noted to run videos in the background and boost ad revenue through views on YouTube channels, while DealPly enables automated browser extension injection and new registry key additions after the execution of cracked software, said Kaspersky.