Malicious Chrome Extensions Are Being Used To Hijack Facebook Accounts

This is dirty. Hackers are uploading malicious Chrome extensions to the official Google Chrome Web Store in hopes of tricking people to download them. Once downloaded, the extensions have the ability to completely hijack Facebook accounts.

Even worse, those malicious Facebook-jacking extensions are advertised on Facebook! The ads claim that it's possible to change the colour of your Facebook profile page, track profile pages and presumably add unicorns and vajazzling to it too. Of course, some unsuspecting tween might fall for it, get re-directed to the official Chrome Web Store page and assume all extensions are safe because they're on the official Google page. Unfortunately, they're not. The extension will hijack your Facebook account, spam your friends about this new extension, and then Like pages without you knowing. It's a dirty process done by people who sell Likes to companies.

So the next time you're downloading a Chrome extension, be wary. One of the dirty extensions was actually labelled Adobe Flash Player too, so you have to double and triple check everything you put onto your browser. [Secure List via Computer World]


Comments

    So, how can you tell a dirty one from a 'clean' one?

      Upon installing chrome I really didn't like the way extensions were handled and the info that could be found on them compared to Firefox, I've been running stock since I made the switch because I'm just not game to use chrome extensions : /

    Doesn't effect me left Facebook years ago. Most useless website on the net.

    Sounds like a beat up. The links lead to no "authority" to confirm the claims and the posted code looks innocuous.

    One time that I'm happy that my grandparents are still using IE... my grandmother would fall for a colour change option in a second.

    Thank you for providing a list of known malicious extensions. I feel safer being aware of them now and I won't be downloading them.

    earlier it was Android and now Chorme.... Google seems to be new MS... riddled with malware and virus... better to be in walled garden than being hunted badly in (free) wild world

      That'll happen with whichever major player owns a great market share. The added fact of the open-source ideology simply adds to the ease at which innovative and, potentially malicious, additions can be pushed to the community.

      It's a risk I personally am comfortable with taking, although can understand why others may shy away from such decisions.

    Google should look seriously at their 'OPEN-NESS" with their Stuff.. Android, Chrome, what's next.. malware each time someone does a search?

Join the discussion!

Trending Stories Right Now