A recent study conducted by security experts from Stanford University has uncovered a major security concern for users of the Google Chrome Web Store.
The researchers have published their findings on the arXiv preprint server, revealing that millions of people are at risk due to malicious extensions available on the Google Chrome Web Store (via TechXplore).
(Photo : Pixabay/deepanker70) Stanford researchers uncover widespread security risks in Google Chrome Web Store extensions, with millions of users unknowingly downloading malware.
Millions of Users At Risk of Accessing Extensions Infected with Malware
The study involved a comprehensive analysis of approximately 125,000 extensions that were available on the Chrome Web Store between July 2020 and February 2023.
The researchers took two primary approaches: examining data from previous research on security issues with Chrome extensions and analyzing the code of the downloaded extensions for signs of malware and policy violations.
One of the most alarming findings from this study is that around 346 million users downloaded what the researchers refer to as security-noteworthy extensions (SNEs).
These are extensions that either violate Google Chrome Web Store policy or contain malware or vulnerable code. Of these, 280 million users were affected by extensions that contained malware.
The researchers noted that this starkly contrasts with Google's claim that less than 1% of extensions hosted on the Chrome Web Store contain malware, as the company asserts that it vets all extensions before they are made available.
The study also underlined the lifespan of these extensions. It was found that many extensions do not last long in the store, with about 60% being removed within a year.
However, some problematic extensions remain in the store for years, continuing to pose security risks to users. The researchers noted that users seldom report these problematic extensions, contributing to their prolonged presence in the store.
A large portion of the extensions analyzed shared similar code, often sourced from public repositories or forums. This code reuse can propagate outdated and vulnerable code across multiple extensions, increasing the risk to users.
The study revealed that 60% of the extensions had never been updated, and half of the known vulnerable extensions remained in the store two years after their vulnerabilities were disclosed. Additionally, a third of the extensions used outdated and vulnerable libraries, further exacerbating the security risks.
The researchers aimed to raise awareness about these issues to help make the Chrome Web Store more secure. They stressed the need for better maintenance practices for extensions and increased vigilance from both users and the platform itself.
As of June 2021, there are around 130,445 Chrome extensions available in the store, catering to an estimated 3.45 billion global users of the Chrome browser.
Malware Risk Everywhere
In related news, Apple's macOS has recently been targeted by a new data-stealing malware dubbed 'Cuckoo', capable of accessing and extracting sensitive data from various applications.
Additionally, a new malware named 'Cuttlefish' has been identified, targeting enterprise-grade and small office/home office (SOHO) routers to steal authentication information and exfiltrate data discreetly.
