Beware Malicious Chrome Extensions!

I will never forget during the peak of lockdown, my college gave us a bunch of extensions to download. A student asked if there was an alternative to some of them since they didn't seem that secure. The DEAN responded that "you can't get a virus from a chrome extension"

This is why we need browsers to actually implement the features we want so we don't even need plugins or extensions or addons or whatever name you want to use to refer to these things. They slow down your browsing experience and leave you less secure.

There have also been cases where a popular extension was sold to someone, and the buyer put subtle malware on it. It was "Unseen Facebook" or something like that.

When you uninstall a malicious extension, make sure to check the "report abuse" button in the uninstaller window that pops up! This is probably the fastest way to get it removed from the store

No need to worry cuz we got
Theo keeping us safe by raising awareness about them 😎

This video brings back memories of MS Internet Explorer being plagued with browser hijackers and web re-directors to weird search sites and malware sites that's why back then I switched to Netscape Navigator and still use its predecessor Firefox.

imagine if Guardio extension itself starts doing nasty stuff in the background while protecting you from "other" malicious sources, that would be hilarious

i always have to manually check the source code of the local files to ensure nothing fishy is going on... you know

Another awesome way is just don't go overboard with extensions (for example I have ublock origin and bitwarden only) I may add more as the need arises but just like ThioJoe said I vet them before hand and make sure they come from a trusted source that I've actually have heard of.

Thank you so much for helping all the people about these extensions!❤❤❤

Really hope more people find your videos about malicious programs because I still have people tell me that as long as you don't click on ads you can't get a virus...

Computer expert warns against extension software. Computer expert then promotes an extension software.

A good way to counter this (at least it would help the user keeping himself safer) would be to require the user to give the necessary permissions to addons. Like, if a theme based addon requires access to your keyboard inputs and cookies, it would already be pretty suspicious.

Seeing this made me think immediately: Can you make an up-to-date video on the chrome extensions you use and what ones you recommend? I know you've done one before but it was a long time ago

This was very intresting, keep'em coming.

Beware: Auditing the source doesn't help WHATSOEVER. I audited the most popular Cookie extension for Chrome. Totally clean code. Suddenly, it began sending all your cookies to the author, silently, in an update. It kept doing that for weeks until someone noticed and I received an alert that the extension had been disabled and removed from the store by Chrome.

Theo you are really helping us to use windows safely ❤

Good video Joe and I am lucky in that my Eset Smart Security I have on all my machines does have an anti bad extensions which blocks and/or deletes these wretched extensions.

Just a few days ago i got a notification from chrome that one of my Extensions could be malicious.

Damn that reminds me.. when I was 16 and using my dad's computer to download pr0n in the late 90s, I had to stealth-reinstall his windows multiple times due to viruses and adware fucking everything up.

With task scheduler you can sometimes see the first date it got triggered which may be a good thing to look out for. Seems to not show on all tasks though.

I recently uninstalled a nasty search app/extension that directed my searches to what were obviously a number of X-rated, adult porn sites, one of which was filled with photos of children. It took me several hours & a lot of failed attempts to uninstall it. I reported the site to my Internet Provider, but still haven't heard back from them, and I don't expect to( Spectrum). I use Edge, I'm still looking for a way to block these malicious extensions. Another one I had, a spell-checker & thesaurus would shut down my browser whenever I attempted to use it, causing me to have to restart my computer. I have to admit, most of the ones I use appear to be safe, but after watching this video, I'm beginning to wonder if they really are. I've gotten some of the best tips for new programs & computer fixes by watching Thio's videos, he should have many more subscribers than he has.

ThioJoe saving the day ❤

Keep up the good work Thio.. people need to be aware of these.. Google should have taken the hint by now.. or does Google want to kill extensions? Especially AdBlocks?

Excellent info! Thanks!

Some people are really hoping that you do one of your totally awesome videos about searchlab, I notice how you had the beaker on your Google Chrome browser. That thing just popped up out of nowhere

Ok.
**Opens Firefox**

I never went too crazy with extensions. Right now i'm just using UBlock Origin and tampermokey for some scripts and that's all, i don't need anything else. Either way this is really good information to know. thanks for keeping us safe!

hey whas happinin jojo, what i love about some of those extensions, is they make my browser, which is ummm T-Mobile? maybe it used to be Verizon, is that they make the browser REALLY long like many screens long.. so they DO WORK!

11:33 Yeah I noticed those fake Chat GPT ads even here on TH-cam.

I suggest to use AdwCleaner, RogueKiller and Zemana to remove anything malicious inside Chrome, included extensions.

Best protection: Uninstall Google Chrome

Good day Just saw your tweet. Take some rest.

This is another excellent, informative video. Keep 'em coming!
Can extensions be installed with drive-by attacks? How can we prevent those? If a webpage takes more than a second to load with a 400 Mbps connection, does that mean I've been infected with malware?
Also, if I see a command prompt window flash briefly on my screen when I restart Windows (after my desktop appears), does that mean I have an infection? I have Norton Antivirus, but this sort of thing makes me paranoid

This video made me check my Chrome extensions and it turns out I still have an extension installed that got removed from the Chrome Web Store.

Thanks for the noticing us mate

Good to know. Thank you.

Rich people: we have bodyguard😎
Actual bodyguard: ThioJoe

Congrats on 3m subs

I actually had a spyware extension (it was called gogaurdian) on my mac from when i accidentally turned on sync on chrome a few years ago(I don't go to that school anymore and the google account was completely deleted) and the extension had the remove button grayed out and the disable toggle grayed out as well , even after the google account was deleted I was still unable to remove it so hopefully this lets me finally delete it(even deleting the extension file in the chrome files did not remove it, and it only removed it's icon).

bro idk why but if i wanna download a extensions like shoop or what ever i dont get to the right site it opens a dragon .... extensions everytime

Unfortunately, Google seems to be heading down the M$ path. Folks support Firefox instead and use ublock as an add-on.

I only have 3 extensions but if I do need to download one I always research it first.

it's really dumb how extensions permissions are not specific, and many extensions require access to all data on all websites, even if they just want to bookmark images you click ( browsers should only give them access to that image when you click it for example, or only access to the text you highlight and right click ... )

Thank very much Sir good tips

I prefer Edge anyway. The search results aren't as accurate but the browser is four times faster

when going to download something always check to see if the site is labeled as an ad/promoted. they are often fake sites.

the real question is why are extensions given so much control over windows that they can use the task scheduler and stuff? should they not be strictly sandboxed to the current tab or at BEST the browser app as a whole?

I do remember dark reader mentioning that there was a copycat and to because a long while ago

It's most annoying when a good working extension turns bad, it gives sponsored results in Google search.
Its difficult to find what extension is doing it, In my case it was some volume booster app, the thing was chrome web store removed it for malicious reasons but DIDN'T INFORMED ME 'THE USER'
It happened one more time with another app but then I found it but disabling enabling
At starting I'm not sure whats going on until I understood.
I'm was not sus of extensions because I at that time didn't have any 3rd party extensions and thought Extensions would've not done any malicious stuff as they were approved by Google but its a loophole when Google removes them from webstore but they are still on devices and DID NOT WARN US wth

Very informative

a very helpful video thank you very much keep on going

I once installed the ultimate tab suspender but it ended up adding advertisements to my google searches

I can't believe that you actually made a video on this topic I mentioned in comments. Thanks

Hi Thio, Theo here, could you do a show for senior citizens and really old people? Thank you,

I had to deal with people asking for my help because they somehow installed mallicious extensions that tagged all their friends on facebook and was speading like that. I ended up setting up a group policy to whitelist, block every extension from installing other than ublock origin.

Imagine theres a malicious extension for Guardio itself!

I’m struggling with this problem. It seems to me that Google, Microsoft and all these reputable antivirus companies don’t care about this issue.

My friend had the Micro Search engine and we did crazy things to remove it. Tried deleting the chrome program files, it's registry entries, and everything. We finally got rid of it but it came right back the next day. So we just ended up erasing the computer lol.

there was one extension that i couldnt turn off its called "Mammalia". i couldnt find ANY info on it anywhere, i had to uninstall google chrome and reinstall it in order to remove it. does anyone know what mammalia is?

Why didn't you mention the risk coming from modified lnk files invoking chrome with extension in command line ? Last days I had a warning message from my bank about this threat... Anyway your videos are always useful and informative, thank you

Why do you look like an Elf? 😜
Thanks Theo for the video.. Not many youtubers are spreading such awareness.. 👍👍

I've seen a Firefox extension that used an exploit to turn the add-ons page into a blank page.
This was a few years ago, but there was nothing else being downloaded.

4:40 Sounds like Web Root! Over a year later, I'm Still cleaning out sticky traces of that *Security & Protection* program. Never again!

i have my browser managed by some registry policys i put in, as i hate hunting for a setting if i accidently disable something, like bookbark bar or home button.

I'd be curious to know if this is as prevalent an issue on Firefox's extension "store".
A precursory glance and I only see one "sus" extension and it's mostly review bombed because it was bought by a company people don't like.

Can't you use tools like Bleachbit to clean up cookies cache etc to get rid of some of these.

Question - Why do I not get TH-cam Notifications at times - too many times? All of my settings are correct. Although In my TH-cam settings my Notification setting for Chrome keeps turning off - I don't believe this is the issue though. Thanks

One of the few things I do to all my systems is diable non-web store extensions from being installed. No local extensions allowed. It's been a while, but I have gotten alerts of something trying to install an extension in the past and failing. Half the battle right there.

I once downloaded a "free" manager and I installed, it didn't work it just crashes instantly but what I didn't know was that it installed a "Google Docs" extension and each time I remove it chrome crashes and gets put back what it did was change my default search engine to a weird sketchy one

thank you so much i was able to delete this virus

I added the font fingyprint defender at Thio's advice months ago, then a few weeks later i noticed that warning from chrome and uninstalled it. faaaaackkin GOOGLE stores! I love it.

I always had this doubt about chrome extensions, since Google doesn't mention anywhere that they are checked for maliciousness. That's why I never install extensions until It has a huge number of downloads.

You know those fake bouncy green ads that look like download buttons? (If you don’t, google “fake download button ad” and go to images section) Well my grandpa was trying to download a free pdf and he clicked one of those ads (he thought it was a real download button) and it went to one of those sketchy redirect sites (you know the ones where you go to them and it redirects you to, like, 50 websites???) The site it redirected to said “In order to download your file, install the Chrome Extension “SafeSearch for Chrome”. This website is clearly impersonating the website where he wanted to download the pdf. But he installed the extension, and it made it so the default search engine couldn’t be changed from this weird search engine nobody has ever heard of, with a ton of ads and BS links. Now I can fix his computer, thanks!!! (The extension reinstalls itself after being deleted. It was removed from the web store but it can still reinstall itself because the file is embedded in the OS.)

thanks.

Im pretty sure this is how my credit card info got stolen. Malware bytes found a keylogger from a chrome extension.

is there a way to see how old an extension is? Like how long has it existed, how often are updated, when was the first version released?

Glad I only use like 2 extensions.

at least they have one star reviews

Hi I have a question, how do I get rid of equusafricanusAsinus extension it says installed by administrator and I never installed it and it just popped up

Extensions are the only reason I use Chrome. Well, the second only (the other one being the multiple accounts, as I use several google accounts for different jobs). Can't live without any of them. They add functionality that SHOULD BE IN THE BROWSER BY DEFAULT, PERIOD. And I'm not talking really esoteric stuff, but basic things, like drag to search, or adblockers.

I saw the lack of seriousness on the Chrome Webstore many years ago, and I don't install extensions anymore. They always give me a bad vibe.

Recently, I've been getting random extensions getting added to my chrome that all have to do with "web" "search" stuff. Please someone let me know if there's something to do with malware.

There was a annoying thing on the web store called dragon lovers

what if someone copy's guardio and google deletes the real one?

Honestly at this point anything I need an extension for, other than adnlock and song recognition I'm literally just writing myself.

What is the best anti-phishing extension for Google Chrome?

can a extention play a sound in a tab, somthing happend like that to me

So we need to install an extension to check an extension 😂😂😂😂

Is anything on github actually consider safe because it is open source? Or does anyone actually checking those codes?

Trusting google with anything is a worry, better to use another browser..

I will be careful now!

He is saying to get an extenchion to protect you from extenchions😂

So i have a Chrome extension named EquusAfricanusAsinus. I cant remove it or do anything with it because its a Admin. Any help?

prob a dumb question but are bitdefender add-ons and 1password add-on safe ? considering its from two trusted companies i think it is but what are your thoughts on it ?

i've used the chrome as managed by organisation in fedora 38 , not able to change it

you did help me to get rid of like 2 chrome extentions Im really gratefull for your work.

Has FireFox had similar issues with extensions?

The kids in my school install game extensions, I can't fault them, when I was in school. I played Super Mario and Snake on my TI86, but it's so bad, it steals their info: they don't know any better... But at the same time they are disabling the security features...

Would guardio
Help with the issues that will come from .zip links?