Dangerous Extensions: Chrome Browser Add-ons Threaten Users’ Safety
A new study has revealed that malicious Chrome browser extensions are still able to exploit vulnerabilities and steal users' data, despite Google's efforts to enhance security in the browser through the new Manifest V3 extension framework.
Manifest V3 is a new framework developed by the Chrome browser development team to improve the security and functionality of extensions in the browser. It updates the previous framework, Manifest V2, which suffered from some security vulnerabilities that could be exploited by developers to create malicious extensions.
A recent study by cybersecurity firm SquareX has uncovered vulnerabilities in Manifest V3, exposing millions of users to malware.
The study noted that despite the Chrome extension framework being upgraded from Manifest V2 to Manifest V3 to improve security, malicious extensions are still able to bypass new security measures, compromise security features, and steal data directly from video conferencing platforms, such as Zoom and Google Meet, without requiring special permissions.
The malicious extensions were found to redirect users to disguised phishing pages to steal passwords and take over accounts.
Manifest V3 aims to reduce the permissions granted to extensions, but the study found that malicious extensions are able to access browsing history, cookies, bookmarks, and download history by using fake pop-ups that claim to offer software updates.
Additionally, browser security tools have difficulty detecting the activities of these extensions, leaving individual users and businesses vulnerable to attacks.
The study indicated that without dynamic analysis and the implementation of strict policies, organizations will not be able to identify and prevent these attacks, stressing that Manifest V3 is still far from achieving the required security in the design and implementation stages.
Users are advised to install trusted extensions from the Google Chrome Web Store, avoid installing any unknown extensions from outside the store, and remove unnecessary extensions.
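As an aid to the advice above on removing unnecessary extensions, the following added example (not from the study or from Google) reads an extension's `manifest.json` and reports whether it declares, or can later prompt for, the data categories the article lists, and whether its match patterns cover Zoom or Google Meet. The function names, the host list and the sample manifest are assumptions made for illustration.

```python
import json

# Chrome permission names for the data categories the article lists.
SENSITIVE = {"history", "cookies", "bookmarks", "downloads"}
# Match patterns that cover every site, and the conferencing hosts named above.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
CONF_HOSTS = ("zoom.us", "meet.google.com")

def _strings(value):
    """Return the string entries of a manifest list, ignoring anything else."""
    return {v for v in value if isinstance(v, str)} if isinstance(value, list) else set()

def audit_manifest(manifest: dict) -> dict:
    """Summarise which sensitive data and sites one manifest can reach."""
    declared = _strings(manifest.get("permissions"))
    optional = _strings(manifest.get("optional_permissions"))
    patterns = _strings(manifest.get("host_permissions"))
    patterns |= _strings(manifest.get("optional_host_permissions"))
    for script in manifest.get("content_scripts") or []:
        if isinstance(script, dict):
            patterns |= _strings(script.get("matches"))
    # Manifest V2 keeps host patterns inside the permission lists.
    patterns |= {p for p in declared | optional if "://" in p or p == "<all_urls>"}
    reach = sorted(p for p in patterns
                   if p in BROAD or any(h in p for h in CONF_HOSTS))
    return {
        "name": manifest.get("name", "<unnamed>"),
        "manifest_version": manifest.get("manifest_version"),
        "sensitive_at_install": sorted(declared & SENSITIVE),
        # Optional permissions are requested later through a prompt.
        "sensitive_on_prompt": sorted(optional & SENSITIVE),
        "conferencing_reach": reach,
    }

def needs_review(report: dict) -> bool:
    """True when any of the three findings is non-empty."""
    return bool(report["sensitive_at_install"] or report["sensitive_on_prompt"]
                or report["conferencing_reach"])

# Constructed sample manifest, not taken from any real extension.
SAMPLE = json.loads("""{
  "manifest_version": 3, "name": "Constructed Sample Helper", "version": "1.0",
  "permissions": ["storage"], "optional_permissions": ["history", "cookies"],
  "host_permissions": ["https://example.com/*"],
  "content_scripts": [{"matches": ["https://meet.google.com/*"], "js": ["cs.js"]}]
}""")

if __name__ == "__main__":
    report = audit_manifest(SAMPLE)
    print(json.dumps(report, indent=2), "review:", needs_review(report))
```

This is a static triage step only; the study cited above states that dynamic analysis and strict policies are needed to identify these attacks.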