There are several types of browser extensions known to inject unwanted ads, scripts, or trackers into web pages and emails, either due to their own functionality or after being compromised. Here are some categories and examples of extensions that could cause these vulnerabilities.
1- Adware Extensions
These extensions promise features like blocking ads or helping with shopping deals but instead inject ads into the sites you visit.
– AdBlock (when from unofficial sources): Some knockoff or compromised versions of AdBlock or Adblock Plus have been known to inject ads.
– Coupon or Shopping Extensions: Honey (malicious versions), Coupon Mate, PriceBlink.
– VidSaver: Often bundled with ad injectors.
2- Free VPN or Proxy Extensions
Extensions that offer free VPN or proxy services can sometimes inject ads or track browsing data.
– Hola VPN: Known for injecting ads and tracking users.
– TouchVPN
– Hotspot Shield (free version)
3- Browser Toolbars and Download Managers
Toolbars or download manager extensions can often be ad-supported or malware in disguise.
– Ask Toolbar
– Babylon Toolbar
– Free Download Manager (unofficial versions)
4- Video Downloaders
Extensions that allow downloading videos from sites like YouTube or social platforms are often ad-supported.
– Video Downloader Plus
– YouTube Video Downloader (unofficial versions)
5- Potentially Compromised Extensions
Even legitimate extensions can become compromised if developers sell them or they are hacked, leading to the injection of unwanted scripts.
– FVD Video Downloader
– Hover Zoom
– Web of Trust (WOT): Previously known for selling user data.
6- Extensions Offering Customization
Extensions that customize the web experience, such as changing website themes, adding new functionality, or modifying content, can inject code or ads.
– Stylish (now discontinued)
– Superfish (discontinued after security issues)
– GreasyFork or TamperMonkey scripts: If you download untrusted scripts, these could inject harmful ads.
7- Social Media Helpers or Automation Tools
Tools designed to automate interactions with social media platforms may inject tracking or ads to monetize user activity.
– Toolkit For FB
– Linked Helper
8- Browser Hijackers and Malware
Some extensions are part of broader malware campaigns.
– Safe Finder
– Search Encrypt
– MyWay Search
Example of malicious injected code
How to Protect Against These Extensions:
-
-
- Check Reviews and Ratings: Look at recent reviews before installing any extension, as compromised versions can often receive low ratings.
- Use Official Sources: Only download extensions from the official Chrome Web Store, Mozilla Add-ons, or Microsoft Store.
- Keep Extensions Updated: Developers often release patches for vulnerabilities, so keep your extensions updated.
- Limit Permissions: Be cautious about extensions that ask for broad permissions (like access to all your browsing data).
- Regularly Review Installed Extensions: Periodically check your extensions list and remove any you don’t recognize or no longer use.
-
If you’ve recently added any extensions similar to these, try disabling or uninstalling them and checking if the injected code persists.