SlowMist has issued a security alert for crypto users. The warning comes as malicious actors buy popular Chrome extensions. A recent report shows that extensions can change ownership without user notice.
This alert highlights risks for thousands of users worldwide. It warns that attackers can hijack browsing traffic and redirect users. The process occurs quickly and without any visible prompts.
Hidden Dangers in Browser Extensions
A growing risk now faces browser users. Malicious buyers can purchase Chrome extensions on open markets. Once in control, they can change how the extension works. Users may see no alert or warning if no new permissions are required.
The new owners can misuse the granted permissions. For example, an ad blocker could turn into a tool for tracking web habits. A tab manager might be repurposed to capture screenshots. These hidden dangers are not always easy to detect.
The report states that these extensions can be sold without the original developer’s control. Developers often sell their work due to maintenance issues or lack of funding. They may feel overwhelmed or unable to support the extension.
In some cases, the developers are surprised when the extension is misused. The change of hands does not show any public sign. This makes it hard for users to know if their extension is safe.
Also Read: Hackers Blackmail YouTubers To Spread Crypto-Mining Malware, Kaspersky Warns
How do Ownership Transfers happen?
The process is simple. Developers fill out a form provided by Google. They use a registered developer email and pay a small fee of $5. Once the form is submitted, the extension is transferred.
The transfer happens in a week. The new owner receives the extension with all its previous settings intact. The extension keeps the same ID. Only the owner name changes on the Chrome web store.
However, the new email address remains hidden until a setting is altered. Users continue to use the extension without knowing about the change.
An investigation found one extension with 400,000 users that changed hands. The new owner was not publicly listed until further actions were taken. The investigator also followed the process with another extension.
The extension was bought with little hassle and transferred using a new developer account. This process shows that anyone can buy and repurpose these tools. The risk lies in the lack of alerts during the change.
Rising Malware Threats
Just yesterday, Microsoft warned Google Chrome users about a new malware attack. The malware, named StilachiRAT, targets sensitive data. It can steal saved passwords and digital wallet details.
The malware also captures clipboard content and system information. It stays hidden inside the user’s device. This new threat adds to the growing list of browser risks.
SlowMist urges users to be cautious. The report advises keeping a close eye on extensions. It reminds users to check for any unusual behaviour. If an extension is misused, users should remove it immediately.
Browser extensions play an important role in daily online activity. They offer useful tools that enhance productivity. However, the risks of unauthorized ownership transfers pose a serious challenge.
Also Read: Crypto Hackers Exploit Telegram Accounts to Spread Malware Through Fake Video Call Links