Chrome Extension 發現了32個惡意瀏覽器插件!總安裝量高達7500萬次,趕緊檢查!
Google Chrome Extension 發現惡意插件
Google 昨日從Chrome 網上應用店中刪除了32 個惡意擴展程序,這些擴展程序可能會改變搜索結果並推送垃圾郵件或不需要的廣告。總的來說,它們的下載量為7500 萬。
這些擴展具有合法功能,可以讓用戶不知道混淆代碼中用於傳遞有效負載的惡意行為。
網絡安全研究員Wladimir Palant 分析了Chrome 網上應用店提供的PDF 工具箱擴展(200 萬次下載),發現它包含偽裝成合法擴展API 包裝器的代碼。
安裝量最大的幾個惡意插件:
- Youtube 的Autoskip——900 萬活躍用戶
- Soundboost——690 萬活躍用戶
- Crystal Ad block——680萬活躍用戶
- Brisk VPN – 560 萬活躍用戶
- 剪貼板助手——350 萬活躍用戶
- Maxi Refresher——350 萬活躍用戶
- 其他帶後面的瀏覽器插件的ID
插件的ID:
aeclplbmglgjpfaikihdlkjhgegehbbf
afffieldplmegknlfkicedfpbbdbpaef
ajneghihjbebmnljfhlpdmjjpifeaokc
ameggholdkgkdepolbiaekmhjiaiiccg
bafbedjnnjkjjjelgblfbddajjgcpndi
bahogceckergcanpcoabcdgmoidngedmfo
bikjmmacnlceobeapchfnlcekincgkng
bkbdedlenkomhjbfljaopfbmimhdgenl
bkflddlohelgdmjoehphbkfallnbompm
bkpdalonclochcahhipekbnedhklcdnp
bppfigeglphkpioihhhpbpgcnnhpogki
cajcbolfepkcgbgafllkjfnokncgibpd
ciifcakemmcbbdpmljdohdmbodagmela
deebfeldnfhemlnidojiiiadkgnglpi
diapmightkmmnpmdkfnmlbpkjkealjojg
dlnanhjfdjgnnmbajgikidobcbfpnblp
dppnhoaonckcimpejpjodcdoenfjleme
edadmcnnkkkgmofibeehgaffppadbnbi
edaflgnfadlopeefcbdlcnjnfkefkhio
edailiddamlkedgjaoialogpllocmgjg
edmmaocllgjakiiilohibgicdjndkljp
eibcbmdmfcgklpkghpkojpaedhloemhi
enofnamganfiiidbpcmcihkihfmfpobo
epmmfnfpkjjhgikijelhmomnbeneepbe
fcndjoibnbpijadgnjjkfmmjbgjmbadk
fejgiddmdpgdmhhdjbophmflidmdpgdi
ffiddnnfloiehekhgfjpphceidalmmgd
fgpeefdjgfeoioneknokbpficnpkddbl
fhnlapempodiikihjeggpacnefpdemam
finepngcchiffimedhcfmmlkgjmeokpp
flmihfcdcgigpfcfjpdcniidbfnffdcf
fpfmkkljdiofokoikgglafnfmmffmmhc
gdlbpbalajnhpfklckhciopjlbbiepkn
geokkpbkfpghbjdgbganjkgfhaafmhbo
gfbgiekofllpkpaoadjhbbfnljbcimoh
ghabgolckcdgbbffijkkpamcphkfihgm
glfondjanahgpmkgjggafhdnbbcidhgf
gliolnahchemnmdjengkkdhcpdfehkhi
gnmjmennllheofmojjffnidneaohleln
hdgdghnfcappcodemanhafioghjhlbpb
hdifogmldkmbjgbgffmkphfhpdfhjgmh
hhhbnnlkhiajhlfmedeifcniniopfaoo
higffkkddppmfcpkcolamkhcknhfhdlo
hmakjfeknhkfmlckieeepnnldblejdbd
icnekagcncdgpdnpoecofjinkplbnocm
iejlgecgghdfhnappmejmhkgkkakbefg
igefbihdjhmkhnofbmnaglkafpaancf
igfpifinmdgadnepcpbddpndnlkdela
iicpikopjmmincpjkckdngpkmlcchold
imfnolmlkamfkegkhlpofldehcfghkhk
jbolpidmijgjfkcpndcngibedciomlhd
jjooglnnhopdfiiccjbkjdcpplgdkbmo
jlhmhmjkoklbnjjocicepjjjpnnbhodj
kafnldcilonjofafnggijbhknjhpffcd
keecjmliebjajodgnbcegpmnalopnfcb
kjeffohcijbnlkgoaibmdcfconakaajm
lcdaafomaehnnhjgbgbdpgpagfcfgddg
lgjdgmdbfhobkdbcjnpnlmhnplnidkkp
lhpbjmgkppampoeecnlfibfgodkfmapd
likbpmomddfoeelgcmmgilhmefinonpo
lipmdblppejomolopniipdjlpfjcojob
lklmhefoneonjalpjcnhaidnodopinib
llcogfahhcbonemgkdjcjclaahplbldg
lmcboojgmmaafdmgacncdpjnpnnhpmei
lpejglcfpkpbjhmnnmpmmlpblkcmdgmi
magnkhldhhgdlhikeighmhlhonpmlolk
mcmdolplhpeopapnlpbjceoofpgmkahc
meljmedplehjlnnaempfdoecookjenph
nadenkhojomjfdcppbhhncbfakfjiabp
nbocmbonjfbpnolapbknojklafhkmplk
ngbglchnipjlikkfpfgickhnlpchdlco
njglkaigokomacaljolalkopeonkpbik
obeokabcpoilgegepbhlcleanmpgkhcp
obfdmhekhgnjollgnhjhedapplpmbpka
oejfpkocfgochpkljdlmcnibecancpnl
okclicinnbnfkgchommiamjnkjcibfid
olkcbimhgpenhcboejacjpmohcincfdb
ooaehdahoiljphlijlaplnbeaeeimhbb
pbdpfhmbdldfoiognphkiocpidecmbp
pbebadpeajadcmaoofljnnfgofehnpeo
pidecdgcabcolloikegacdjejomeodji
pinnfpbpjancnbidnnhpemakncopaega