Chrome 发现了 32 个恶意浏览器插件!总安装量高达 7500 万次,赶紧自查!!

谷歌昨日从 Chrome 网上应用店中删除了 32 个恶意扩展程序,这些扩展程序可能会改变搜索结果并推送垃圾邮件或不需要的广告。总的来说,它们的下载量为 7500 万。

这些扩展具有合法功能,可以让用户不知道混淆代码中用于传递有效负载的恶意行为。

网络安全研究员 Wladimir Palant 分析了 Chrome 网上应用店提供的 PDF 工具箱扩展(200 万次下载),发现它包含伪装成合法扩展 API 包装器的代码。

安装量最大的几个恶意插件:

  • Youtube 的 Autoskip——900 万活跃用户
  • Soundboost——690 万活跃用户
  • Crystal Ad block——680万活跃用户
  • Brisk VPN – 560 万活跃用户
  • 剪贴板助手——350 万活跃用户
  • Maxi Refresher——350 万活跃用户
  • 其他带后面的浏览器插件的ID
扩展 ID:

aeclplbmglgjpfaikihdlkjhgegehbbf 
afffieldplmegknlfkicedfpbbdbpaef 
ajneghihjbebmnljfhlpdmjjpifeaokc 
ameggholdkgkdepolbiaekmhjiaiiccg 
bafbedjnnjkjjjelgblfbddajjgcpndi 
bahogceckergcanpcoabcdgmoidngedmfo 
bikjmmacnlceobeapchfnlcekincgkng 
bkbdedlenkomhjbfljaopfbmimhdgenl 
bkflddlohelgdmjoehphbkfallnbompm 
bkpdalonclochcahhipekbnedhklcdnp 
bppfigeglphkpioihhhpbpgcnnhpogki 
cajcbolfepkcgbgafllkjfnokncgibpd 
ciifcakemmcbbdpmljdohdmbodagmela 
deebfeldnfhemlnidojiiiadkgnglpi 
diapmightkmmnpmdkfnmlbpkjkealjojg 
dlnanhjfdjgnnmbajgikidobcbfpnblp 
dppnhoaonckcimpejpjodcdoenfjleme 
edadmcnnkkkgmofibeehgaffppadbnbi 
edaflgnfadlopeefcbdlcnjnfkefkhio 
edailiddamlkedgjaoialogpllocmgjg 
edmmaocllgjakiiilohibgicdjndkljp 
eibcbmdmfcgklpkghpkojpaedhloemhi 
enofnamganfiiidbpcmcihkihfmfpobo 
epmmfnfpkjjhgikijelhmomnbeneepbe 
fcndjoibnbpijadgnjjkfmmjbgjmbadk 
fejgiddmdpgdmhhdjbophmflidmdpgdi 
ffiddnnfloiehekhgfjpphceidalmmgd 
fgpeefdjgfeoioneknokbpficnpkddbl 
fhnlapempodiikihjeggpacnefpdemam 
finepngcchiffimedhcfmmlkgjmeokpp 
flmihfcdcgigpfcfjpdcniidbfnffdcf 
fpfmkkljdiofokoikgglafnfmmffmmhc 
gdlbpbalajnhpfklckhciopjlbbiepkn 
geokkpbkfpghbjdgbganjkgfhaafmhbo 
gfbgiekofllpkpaoadjhbbfnljbcimoh 
ghabgolckcdgbbffijkkpamcphkfihgm 
glfondjanahgpmkgjggafhdnbbcidhgf 
gliolnahchemnmdjengkkdhcpdfehkhi 
gnmjmennllheofmojjffnidneaohleln 
hdgdghnfcappcodemanhafioghjhlbpb 
hdifogmldkmbjgbgffmkphfhpdfhjgmh 
hhhbnnlkhiajhlfmedeifcniniopfaoo 
higffkkddppmfcpkcolamkhcknhfhdlo 
hmakjfeknhkfmlckieeepnnldblejdbd 
icnekagcncdgpdnpoecofjinkplbnocm 
iejlgecgghdfhnappmejmhkgkkakbefg 
igefbihdjhmkhnofbmnaglkafpaancf 
igfpifinmdgadnepcpbddpndnlkdela 
iicpikopjmmincpjkckdngpkmlcchold 
imfnolmlkamfkegkhlpofldehcfghkhk 
jbolpidmijgjfkcpndcngibedciomlhd 
jjooglnnhopdfiiccjbkjdcpplgdkbmo 
jlhmhmjkoklbnjjocicepjjjpnnbhodj 
kafnldcilonjofafnggijbhknjhpffcd 
keecjmliebjajodgnbcegpmnalopnfcb 
kjeffohcijbnlkgoaibmdcfconakaajm 
lcdaafomaehnnhjgbgbdpgpagfcfgddg 
lgjdgmdbfhobkdbcjnpnlmhnplnidkkp 
lhpbjmgkppampoeecnlfibfgodkfmapd 
likbpmomddfoeelgcmmgilhmefinonpo 
lipmdblppejomolopniipdjlpfjcojob 
lklmhefoneonjalpjcnhaidnodopinib 
llcogfahhcbonemgkdjcjclaahplbldg 
lmcboojgmmaafdmgacncdpjnpnnhpmei 
lpejglcfpkpbjhmnnmpmmlpblkcmdgmi 
magnkhldhhgdlhikeighmhlhonpmlolk 
mcmdolplhpeopapnlpbjceoofpgmkahc 
meljmedplehjlnnaempfdoecookjenph 
nadenkhojomjfdcppbhhncbfakfjiabp 
nbocmbonjfbpnolapbknojklafhkmplk 
ngbglchnipjlikkfpfgickhnlpchdlco 
njglkaigokomacaljolalkopeonkpbik 
obeokabcpoilgegepbhlcleanmpgkhcp 
obfdmhekhgnjollgnhjhedapplpmbpka 
oejfpkocfgochpkljdlmcnibecancpnl 
okclicinnbnfkgchommiamjnkjcibfid 
olkcbimhgpenhcboejacjpmohcincfdb 
ooaehdahoiljphlijlaplnbeaeeimhbb 
pbdpfhmbdldfoiognphkiocpidecmbp 
pbebadpeajadcmaoofljnnfgofehnpeo 
pidecdgcabcolloikegacdjejomeodji 
pinnfpbpjancnbidnnhpemakncopaega