Find and Eliminate Malicious Browser Extensions


The browser extension is a double-edged sword. On one hand, browser extensions are convenient and helpful for users surfing the web. On the other, they can turn around and bite the person using them. That’s why many IT admins are concerned with finding and eliminating malicious browser extensions to secure their system fleets.

What are Browser Extensions?

Browser extensions are small bits of code that run within a browser window, such as Chrome™ or Firefox, for personalization and/or efficiency. Browser extensions affect the appearance and operation of a web browser to best suit the needs and wants of the person using them. Some examples of popular browser extensions include the µBlock ad blocker and Bitly URL shortener.

Technically, browser extensions aren’t considered “applications” in the traditional sense, despite the fact they’re often installed to serve similar purposes. As such, they often fly under antivirus software’s radar. Beyond that, browser extensions generally aren’t vetted by their vendors (i.e. Chrome Extension Store). This ultimately means browser extensions can include malicious code, such as malware.

The Nature of Malicious Browser Extensions

Bad actors can use browser extensions in their attacks. For example, a browser extension has the potential to reap critical identity information, such as login credentials or credit card data, just by being added to an internet browser.

A devious developer can make a malicious browser extension by adding background processes, usually written into the extension’s code, that query the browser for additional information. This information could include credit card data, which is often stored for use on e-commerce and other sites. In some cases, the code may not contain any “overtly malicious” content but instead contain two smaller applets. When run in tandem, these applets redirect traffic through the browser to a paid advertisement site and create hundreds of (Read more...)
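A fleet-side check for the pattern described above (background code combined with access to browsing data), as an added example that is not from the original post or from JumpCloud: it reads Chrome's on-disk `manifest.json` files and marks extensions that declare background code, broad host access and a data-exposing API for manual review. The sample manifests and IDs are constructed, and the choice of which permissions count as risky is an assumption.

```python
import json
import tempfile
from pathlib import Path

# Real Chrome manifest permission names that expose browsing data to extension code.
RISKY_APIS = {"cookies", "history", "tabs", "webRequest", "clipboardRead"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def audit_manifest(manifest):
    """Report background code plus data-access permissions for one parsed manifest."""
    bg = manifest.get("background") or {}
    has_background = any(k in bg for k in ("scripts", "page", "service_worker"))
    # Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
    declared = {p for key in ("permissions", "host_permissions")
                for p in (manifest.get(key) or []) if isinstance(p, str)}
    risky_apis = sorted(declared & RISKY_APIS)
    broad = bool(declared & BROAD_HOSTS)
    return {"name": manifest.get("name", "?"), "background": has_background,
            "risky_apis": risky_apis, "broad_hosts": broad,
            "review": has_background and broad and bool(risky_apis)}


def audit_tree(ext_root):
    """Walk Chrome's <profile>/Extensions/<id>/<version>/manifest.json layout."""
    findings = []
    for path in sorted(Path(ext_root).glob("*/*/manifest.json")):
        try:
            row = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError, AttributeError, TypeError):
            row = {"name": "?", "review": True}  # unparseable manifest: inspect by hand
        findings.append({"id": path.parts[-3], **row})
    return findings


def demo():
    """Audit two constructed manifests (sample data, not real extensions)."""
    samples = {
        "aaaa-constructed-id": {"name": "Constructed coupon helper",
                                "background": {"scripts": ["bg.js"]},
                                "permissions": ["cookies", "webRequest", "<all_urls>"]},
        "bbbb-constructed-id": {"name": "Constructed theme", "permissions": ["storage"]},
    }
    with tempfile.TemporaryDirectory() as tmp:
        for ext_id, manifest in samples.items():
            target = Path(tmp) / ext_id / "1.0_0"
            target.mkdir(parents=True)
            (target / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
        return audit_tree(tmp)
```

A flagged row means the extension warrants review, not that it is malicious; many legitimate ad blockers declare the same permissions.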

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer


Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.
