Cyber SecurityPersonal Security

Beware of Hidden Botnets in Your Browser Extension

Infatica[.]io is one of the dubious firms luring IT developers of leading brands to include hidden botnets in their browser extension. So, any add-ons you use in your Apple, Google, Microsoft, or Mozilla browser can be spiked with botnets. Let’s explore the landscape a bit further with Brian Krebs in his blog article at Krebs on Security.

Spiking Browser Extension

When a user starts using an extension, developers should send regular updates and acknowledge service requests. There is hardly any financial gain in these actions. Companies like Infatica offer such developers some money to include dubious codebases in the popular extensions. Earning a side gig of $15 to $45 per month for every 1,000 active users is a decent pay package. Infatica then can use the user’s browser to route the traffic to questionable sites. Hao Nguyen, ModHeader developer, received many negative reviews from his users when he accepted the Infatica deal.

Reasons for Popularity

According to chrome-stats.com, more than 100,000 browser extensions are no longer actively supported by authors, and they are willing to sell off those and their user base. The situation becomes worse when brands like Google want to stop paid Chrome extensions. “It’s a really tough marketplace for extension developers to be able to monetize and get rewarded for maintaining their extensions,” says Nguyen. So, more developers are open to making quick money for their creations from disreputable firms.

The Owner

Infatica’s codebase is present in at least 36 popular browser extensions for over a few years now. Video Downloader Plus is one of them, and it has over 1.4 million active users. However, Infatica founder and director Vladimir Fomenko that also owns iNinja VPN was not available for comment. The VPN extension has over 400,000 users. He has also operated King Servers for years, which was linked to the 2016 compromise of Arizona and Illinois election databases. Luminati, or HolaVPN, is another such VPN/proxy service provider.

Chrome browser extensions require no special permission, while others can view which websites you frequent, scan your browsing history, and see your open tabs. More than 68,000 Chrome extensions have code that “alter the appearance and functionality of specific sites,” warns Krebs.

Protect Yourself

Even plugins for WordPress and Joomla are not to be spared. Carefully read through the permissions you are granting to the browser extensions. If an existing extension wants more permissions than the previous update, do not upgrade if possible. If a website wants you to download an extension before viewing its content, never download it. To see how many extensions you have, click on the three dots on the right of your address bar. Click on ‘More Tools’ or ‘Add-ons’ then ‘Extensions’.

To view the original article, visit the following link: https://krebsonsecurity.com/2021/03/is-your-browser-extension-a-botnet-backdoor/

Show More

Indrani Roy

Indrani Roy is currently working as a Content Specialist for CAI Info India. She has knowledge in writing blogs, product descriptions, brand information, and coming up with new marketing concepts. Indrani has also transcribed, subtitled, edited, and proofread various Hollywood movies, TV series, documentaries, etc., and performed audio fidelity checks. She started her career by articulating a knowledge base for an IT client, and, eventually, went on to create user manuals and generate content for a software dashboard. Writing being one of her passions, reading books is naturally her favorite pastime. When not lost in the world of letters, she is a foodie, movie buff, and a theater critic.
Back to top button
X

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.