Google has deleted 32 malicious extensions from the Chrome Web Store that could have changed search results and pushed spam or unwanted adverts. Collectively.
In order to shield users from the dangerous behavior that was concealed in the payloads' obfuscated code, the extensions had legal functionality.
The PDF Toolbox extension, which is accessible from the Chrome Web Store, was examined by cybersecurity researcher Wladimir Palant, who discovered that it contained code that was misrepresented as an official extension API wrapper.
The researcher also observed a behavior that is generally linked to malevolent intentions: the code was set to activate 24 hours after the extension was installed.
"id": "GOO142525623",
"linkid": "google",
"type": "Malware",
"date": "06/2023",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"