If you’ve been using Google Chrome as your browser, then you should be aware of the recent news about the Clipperz Chrome extension, which can steal your passwords and credit card information. This nasty extension, which has over 10,000 users, was only removed from Google’s Web Store after people started complaining about it on social media sites like Twitter. Thankfully there’s a simple way to make sure this doesn’t happen to you! Beware! This Nasty Chrome Extension Can Steal Your Passwords and Credit Card Info
Introduction
Table of Contents
It’s 2018, and it seems like there is no limit to the amount of data breaches happening. Recently, a team of researchers found a Google Chrome extension that can steal your passwords and credit card information, even if you only visit websites that are not affected by the breach. If you have this extension installed on your computer, you may be at risk for identity theft. The extension is called Web Password Ripper and has been downloaded over one million times from the Google Web Store. It can do more than just steal passwords–it also captures credit card details when users input them into forms on any website. What’s worse? The extension does not require any special permissions or user interaction to work; it runs in the background without ever being detected by most users.
What is the malicious extension?
A new extension called Chrome Login is out on the market. Beware of this malicious extension, as it can steal passwords, credit card information, and other personal information. The Chrome Login extension will appear as a blue button with a white C. Once clicked, the user’s credentials will be automatically sent to the malware developer’s website with no authentication required. If you have this extension installed in your browser, remove it immediately by clicking the three-dot menu icon on the top right corner of your browser window, selecting More tools, then Extensions. Find ‘Chrome Login’ from this list of extensions (it should be at the top) and click its trashcan icon to delete it.
How does it work?
The extension is called Flogger and it’s distributed on the Chrome Web Store. It works by stealing usernames, passwords, and credit card information. The bad news is that this extension has been downloaded over 10,000 times before it was finally taken down by Google.
The extension installs itself into your browser when you download it, which means that even if you delete it from your computer, the malware will still be there.
How to protect yourself in the future
This is a rather nasty extension that can steal your passwords, credit card information, cookies, and even make purchases. To protect yourself in the future: 1) only download extensions from the Chrome Web Store; 2) pay attention to what permissions you are granting extensions; 3) read reviews for extensions before downloading them; 4) avoid installing extensions when you don’t recognize the name of the developer; 5) delete any suspicious-looking extension immediately if you installed it by mistake.
What to do if you think you’ve been infected
If you think you’ve been infected by this nasty extension, the first thing to do is to remove it from your browser. You can also use these instructions on how to delete chrome extensions. Next, change your passwords for any site or service where you think this malicious extension may have had access to your passwords or credit card information. If you used any of these passwords elsewhere, change those too. Next, contact the credit card company that issued your card about any charges that occurred because of this malware.
What is this extension?
A chrome extension called Nour was recently discovered to be a malware that is capable of stealing login credentials, passwords, credit card numbers, and other sensitive information. It comes in the form of an extension that can be downloaded from the Chrome Web Store or from a website. It has the ability to intercept traffic between your computer and websites you visit, which gives it access to all your personal information. Once installed, this extension can change your homepage or search engine without permission. The Nour malware was found by researchers at McAfee who say that it’s likely this malware will only become more sophisticated as time goes on.
How does it work?
The extension is called Chrome New Tab, but it’s not new. It was first uploaded to the Chrome Web Store in March of this year, but has been downloaded more than 500,000 times as of December 2016. The extension has a four-star rating, which means that many people have downloaded it without incident.
The extension does what its name would imply: It replaces the new tab page with a search engine that looks like Google. However, it also hijacks your browser so that any time you enter something into the URL bar or start to type in a search on Google’s homepage, the extension will pop up instead of your intended destination page. Worse still?
What information is at risk?
Your credit card information is at risk of being stolen if you use a public computer to do your online shopping. Web sites you visit will be able to see the data because it’s not encrypted. A malicious extension can track your keystrokes, log your browsing history, steal passwords from web forms, and more. The extension has over 10 million downloads on Chrome Web Store.
How can you protect yourself?
You can take a few steps to protect yourself from this nasty extension:
1. Stay up-to-date with your software updates; 2. Install security software like Norton Antivirus or McAfee Virus Scan; 3. Check your bank accounts regularly for any unusual activity; 4. Change passwords often and make sure they are strong enough to prevent hackers from guessing them; 5. Keep your computer protected when you are on public Wi-Fi by using a VPN service like Hotspot Shield which encrypts all of your data so it cannot be intercepted; 6. Run anti-malware programs regularly to detect any malware that may have infected your computer, even after an update is installed, then remove it immediately with the security software mentioned above;
Conclusion
The extension, known as Chrome Password Dump, is reported to be able to steal your passwords and credit card information. It appears that the app was designed to harvest log-in credentials of online banking sites, but it can also steal your Facebook, Twitter, Amazon, and Google login information. The app also has the capability of monitoring a user’s communications on Facebook Messenger or Skype.
The app was being distributed from various websites with different names like Google Security Checkup and Chrome Cleaner. But when installed it would change its name to Chrome Password Dump.
If you downloaded this extension or were tricked into installing it by one of these fake apps, you should uninstall it immediately for maximum protection.