Czech Internet security giant Avast found out on December 16th that around 3 million people all over the world have been infected with malware spread through third-party browser extensions for Instagram, Facebook, and Vimeo among others.
As of now Google Chrome and Microsoft Edge appear to be the affected browser. Google and Microsoft are extensively investigating the issue, but the 28 fake extensions continue to be available on the Chrome Web-Store and Microsoft Edge Add-on portals. As of now, 15 of these malicious extensions reside on Google Chrome and 13 on Microsoft Edge.
How does the malware work?
The malware works by hijacking the URL. So every time you click on a new link, the hacker tracks your every movement. Then the hacker automatically re-directs you to a new URL of his liking instead of to the one you chose to go to.
The incentive here is purely monetary as redirecting users to ads and phishing sites would yield a steady stream of incoming considering the horde of innocent…