Min menu


Avast discovers that millions of users are infected with malware from browser loops



Threat researchers at Avast, a company known for its digital security and privacy products, have discovered a huge number of malware infections for people around the world.

Researchers say that nearly 3 million people worldwide are infected with malware via third-party browser extensions for services such as Instagram, Facebook, Fimo, and others.

Avast researchers say that malware is hidden in at least 28 Google Chrome browser extensions, Microsoft's third-party Edge, and is associated with the most popular platforms on the Internet.

Research has shown that malware is able to redirect user traffic to ads or phishing sites. Malware can also steal personal data, such as: dates of birth, email addresses, and active devices.

The extensions claim to help users download videos from sources, including: Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock, and other Chrome and Edge browser extensions.

Users with these harmful episodes have also reported that the accessories are able to redirect them to other websites. When users click on the link, the extension sends information about what users click to the attacker's control server. This server can send an order to redirect the victim from the real link to the hacked URL before redirecting them to the website they want to visit.

This allows hackers to record all clicks sent to third-party intermediary websites. Threat representatives can also collect data, including: login time, device name, operating system, browser, IP addresses as well as personal data.

Avast researchers believe that hackers who operate harmful accessories want to invest in traffic. Each time communications are redirected to a third-party domain, criminals receive funds.

Researchers warn that malware can hide itself to avoid detection and removal. Avast says that at the time of writing, the accessories are still available for download, but Google and Microsoft have been contacted.