Threat researchers from Avast, a company known for digital security and privacy products, have discovered a massive amount of malware infections for people around the world. The researchers say that around 3 million people globally are infected with malware via third-party browser extensions for Instagram, Facebook, Vimeo, and others. Avast researchers say that malware is hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions associated with some of the most popular platforms on the Internet.
Research showed the malware could redirect user traffic to ads or phishing sites. Malware is also able to steal personal data like birthdays, email addresses, and active devices. The extensions claim to aid users in downloading videos from sources and include Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock, and other extensions for Chrome and Edge.
That allows the hackers to log all clicks being sent to the third party intermediary websites. The threat actors are also able to collect data, including sign-in time, login time, the name of the device, operating system, browser, and IP addresses, along with personal data. Avast researchers believe hackers operating the malicious extensions want to monetize the traffic. Every time connections are redirected to a third-party domain, the criminals get paid.
Researchers warn the malware can hide itself to avoid detection and removal. Avast says as of writing, the extensions are still available for download, but the Microsoft and Google Chrome teams have been contacted. A full list of the malicious extensions can be seen here.