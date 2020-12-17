What just happened? Researchers have discovered 28 browser extensions for both Chrome and Edge that contain malicious code. The plug-ins, listed at the bottom of the page, are believed to have been installed by more than three million people.

Cybersecurity giant Avast analyzed the extensions last month after the threat was identified by Czech researchers at CZ.NIC, noting that some of them have been active since at least December 2018. They perform a range of malicious activities, including redirecting users to ads and phishing sites, collecting personal data and browsing history, and downloading other malware onto the host device.

Avast says (via ZDNet) that the primary aim of the campaign was to hijack user traffic for monetary gains. Every time one of the extensions redirected a user to a third-party domain, the cybercriminals would receive a payment. Given the number of installs, it's likely been a lucrative payday for the perpetrators.

“Our hypothesis is that either the extensions were deliberately created with the malware built in, or the author waited for the extensions to become popular and then pushed an update containing the malware,” said Avast researcher Jan Rubin. “It could also be that the author sold the original extensions to someone else after creating them and then his client introduced the malware afterwards.”

Avast has reported the extensions to Google and Microsoft, both of whom are conducting investigations.

These are the 15 Chrome and 13 Edge extensions containing the malicious code. If you’re using any, it’s recommended you remove them now.

Chrome extensions with malicious code, according to Avast:

Direct Message for Instagram

DM for Instagram

Invisible mode for Instagram Direct Message

Downloader for Instagram

App Phone for Instagram

Stories for Instagram

Universal Video Downloader

Video Downloader for FaceBook™

Vimeo™ Video Downloader

Zoomer for Instagram and FaceBook

VK UnBlock. Works fast.

Odnoklassniki UnBlock. Works quickly.

Upload photo to Instagram™

Spotify Music Downloader

The New York Times News

Edge extensions with malicious code, according to Avast:

Direct Message for Instagram™

Instagram Download Video & Image

App Phone for Instagram

Universal Video Downloader

Video Downloader for FaceBook™

Vimeo™ Video Downloader

Volume Controller

Stories for Instagram

Upload photo to Instagram™

Pretty Kitty, The Cat Pet

Video Downloader for YouTube

SoundCloud Music Downloader

Instagram App with Direct Message DM