Cyber-security researchers said on Thursday that more than 1.3 million users were affected by threats hiding in browser extensions in the first half of 2022.
The figure is over 70 per cent of the number of users affected by the same threat throughout 2021.
Kaspersky researchers analysed what risks innocent-looking browser extensions pose to users and the activities of cybercriminals hiding threats under add-ons.
Mimicking popular apps such as Google Translator or extensions with useful functionality like PDF Converter or Video Downloader, threats in browser extensions can insert advertisements, collect data about users' browsing histories and even search for login credentials.
“Even browser extensions that do not carry a malicious payload can be dangerous. For example, when the developers of these add-ons sell gathered user data to other companies, potentially exposing their data to someone who was not supposed to see it,” said Anton Ivanov, senior security researcher.
The most prominent threat spread under the guise of browser extensions has been adware — unwanted software designed to throw advertisements up on the screen.
Such advertisements are usually based on the browsing history to catch users' interest, embed banners in web pages or to redirect them to affiliate pages that the developers can earn money from, instead of legitimate search engine ads.
From January 2020 to June 2022, Kaspersky experts observed more than 4.3 million unique users faced adware hiding in browser extensions, which means approximately 70 per cent of all affected users have encountered this threat.
Adware can track everything the user searches for and then promote these products with affiliate ads on search engine
In 2020, Google removed 106 malicious browser extensions from its Chrome Web Store.
In total, these malicious extensions were downloaded 32 million times, putting the data of millions of users at risk.
“However, this does not happen often, the main way malicious add-ons are distributed is through third-party resources, said the report.