Popular extensions have also been found to have been hacked to push ads to users. The seven new malicious extensions removed by Google are Nigelify, PwnerLike, Alt-j, Fix-case, Divinity 2 Original Sin: Wiki Skill Popup, Keeprivate, and iHabno.
These malicious extensions will steal the user’s Facebook and Instagram credentials after installation and collect information about the victim’s Facebook account, but use this information to send malicious links to their friends to infect more users. In addition, malicious programs also install mining scripts to mine tokens such as Monero, bytecoin, and electroneum.
