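A major case has surfaced: an instance of waiting until software becomes popular and then planting malicious code in it.
A batch of browser extensions has been trojanized, infecting the browsers of more than 2.3 million Chrome and Edge users. All of these extensions had passed store review and verification, and had even behaved properly for years. In recent updates, however, a trojan was planted in them that hijacks browser sessions, records every page visited, and installs a backdoor. One of them, the color-picker extension Geco, carried Google's verified badge and had more than 100,000 downloads, 800 reviews, and a 4.2-star rating.
If you currently use Chrome, Chromium, Edge, or any other Chromium-based browser, check the extensions you have installed to make sure you are not affected.
The trojanized extensions are listed below; the extension ID is before the dash and the name is to its right:
Chrome extension store: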
kgmeffmlnkfnjpgmdndccklfigfhajen — [Emoji keyboard online — copy&past your emoji.]
dpdibkjjgbaadnnjhkmmnenkmbnhpobj — [Free Weather Forecast]
gaiceihehajjahakcglkhmdbbdclbnlf — [Video Speed Controller — Video manager]
mlgbkfnjdmaoldgagamcnommbbnhfnhf — [Unlock Discord — VPN Proxy to Unblock Discord Anywhere]
eckokfcjbjbgjifpcbdmengnabecdakp — [Dark Theme — Dark Reader for Chrome]
mgbhdehiapbjamfgekfpebmhmnmcmemg — [Volume Max — Ultimate Sound Booster]
cbajickflblmpjodnjoldpiicfmecmif — [Unblock TikTok — Seamless Access with One-Click Proxy]
pdbfcnhlobhoahcamoefbfodpmklgmjm — [Unlock YouTube VPN]
eokjikchkppnkdipbiggnmlkahcdkikp — [Color Picker, Eyedropper — Geco colorpick]
ihbiedpeaicgipncdnnkikeehnjiddck — [Weather]
Edge extension store:
jjdajogomggcjifnjgkpghcijgkbcjdi — [Unlock TikTok]
mmcnmppeeghenglmidpmjkaiamcacmgm — [Volume Booster — Increase your sound]
ojdkklpgpacpicaobnhankbalkkgaafp — [Web Sound Equalizer]
lodeighbngipjjedfelnboplhgediclp — [Header Value]
hkjagicdaogfgdifaklcgajmgefjllmd — [Flash Player — games emulator]
gflkbgebojohihfnnplhbdakoipdbpdm — [Youtube Unblocked]
kpilmncnoafddjpnbhepaiilgkdcieaf — [SearchGPT — ChatGPT for Search Engine]
caibdnkmpnjhjdfnomfhijhmebigcelo — [Unlock Discord]
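One way to run the check recommended above, as an added example that is not part of the original post: it parses the list in the format shown here and looks for matching ID directories under each profile's `Extensions` folder. The profile root paths are assumed default locations; adjust them for your system.

```python
import re
from pathlib import Path

# IDs and names copied from the list on this page, in the page's own format.
IOC_LIST = """\
kgmeffmlnkfnjpgmdndccklfigfhajen — [Emoji keyboard online — copy&past your emoji.]
dpdibkjjgbaadnnjhkmmnenkmbnhpobj — [Free Weather Forecast]
gaiceihehajjahakcglkhmdbbdclbnlf — [Video Speed Controller — Video manager]
mlgbkfnjdmaoldgagamcnommbbnhfnhf — [Unlock Discord — VPN Proxy to Unblock Discord Anywhere]
eckokfcjbjbgjifpcbdmengnabecdakp — [Dark Theme — Dark Reader for Chrome]
mgbhdehiapbjamfgekfpebmhmnmcmemg — [Volume Max — Ultimate Sound Booster]
cbajickflblmpjodnjoldpiicfmecmif — [Unblock TikTok — Seamless Access with One-Click Proxy]
pdbfcnhlobhoahcamoefbfodpmklgmjm — [Unlock YouTube VPN]
eokjikchkppnkdipbiggnmlkahcdkikp — [Color Picker, Eyedropper — Geco colorpick]
ihbiedpeaicgipncdnnkikeehnjiddck — [Weather]
jjdajogomggcjifnjgkpghcijgkbcjdi — [Unlock TikTok]
mmcnmppeeghenglmidpmjkaiamcacmgm — [Volume Booster — Increase your sound]
ojdkklpgpacpicaobnhankbalkkgaafp — [Web Sound Equalizer]
lodeighbngipjjedfelnboplhgediclp — [Header Value]
hkjagicdaogfgdifaklcgajmgefjllmd — [Flash Player — games emulator]
gflkbgebojohihfnnplhbdakoipdbpdm — [Youtube Unblocked]
kpilmncnoafddjpnbhepaiilgkdcieaf — [SearchGPT — ChatGPT for Search Engine]
caibdnkmpnjhjdfnomfhijhmebigcelo — [Unlock Discord]
"""
# Chromium extension IDs are 32 characters drawn from a-p; anything else is skipped.
BAD = dict(re.findall(r"^([a-p]{32}) — \[(.*)\]$", IOC_LIST, re.M))

# Assumed default "User Data" roots on Linux, macOS and Windows (not from the page).
ROOTS = ["~/.config/google-chrome", "~/.config/chromium", "~/.config/microsoft-edge",
         "~/Library/Application Support/Google/Chrome",
         "~/Library/Application Support/Microsoft Edge",
         "~/AppData/Local/Google/Chrome/User Data",
         "~/AppData/Local/Microsoft/Edge/User Data"]

def scan(root):
    """Return (profile, id, name, versions) for each listed ID installed under root."""
    hits = []
    for ext in sorted(Path(root).expanduser().glob("*/Extensions/*")):
        if ext.is_dir() and ext.name in BAD:
            versions = sorted(p.name for p in ext.iterdir() if p.is_dir())
            hits.append((ext.parent.parent.name, ext.name, BAD[ext.name], versions))
    return hits

if __name__ == "__main__":
    found = [hit for root in ROOTS for hit in scan(root)]
    for profile, ext_id, name, versions in found:
        print(f"FOUND {ext_id} ({name}) in profile {profile!r}, versions {versions}")
    print(f"{len(found)} listed extension(s) found on disk")
```

A hit means the extension's files are present in that profile; remove it from the browser's extensions page rather than deleting the directory by hand.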
Source: