These extensions have more than 57 million active users in total. It all started when PDF Toolbox showed suspicious behavior. The specialist noticed that the extension for some reason constantly asks for access to all browser tabs.
Harmful extensions are dangerous
It turned out that PDF Toolbox contains a Trojan and embeds its own Java scripts in web pages. Palant later discovered that the same malicious code was contained in 17 other extensions in the Chrome Web Store. Here is the list:
- PDF Toolbox
- Autoskip for YouTube
- Crystal AdBlock
- Brisk VPN
- Clipboard Helper
- Maxi Refresher
- Quick Translation
- Easyview Reader view
- Zoom Plus
- Base Image Downloader
- Clickish fun cursors
- Maximum Color Changer for Youtube
- Readl Reader mode
- image download center
- Font Customizer
- Easy Undo Closed Tabs
- OneCleaner
- repeat button
There are probably other malicious extensions as well. Because the security expert says he detected them in his research on 1,000 extension samples. If any of the extensions in the list are installed on your browser, you should remove it as soon as possible.