Malicious Browser Add-ons – Annoying, Infuriating & Dangerous

Windows Articles

How to Backup your call and SMS history in Android

Many times we find ourselves in the situation of having to change our phone, for different reasons, and one of the questions...

Install and configure Apache Guacamole on Debian 10

Hello, friends in this post, you will learn how to install and configure Apache Guacamole in Debian 10. It will be a...

Ubuntu 20.10 available

The new version of Ubuntu is now available, under the code name "groovy gorilla". Ubuntu 20.10 focuses on improving and refining the...

Monitoring Ubuntu 20.04 with Stacer

Normally if we use Linux on a production server, it is important to monitor it. On the other hand, in everyday use, many users...

How to get the Android 11 Notification Panel

It's no secret that even though Android is the most widely used mobile operating system. Not always our device has the latest...
Avatar
Mel Khamlichi
Webmaster and technical Director at Osradar.com Linux/Unix Guru Technology and hardware addicted Location : Amsterdam Netherlands

Web browsers are our best friend for surfing the web. Among all the browsers, Google Chrome and Mozilla Firefox are the most popular ones, especially Chrome – the popularity is sky-high. Although it’s the most popular, it isn’t safe 100%. In fact, most software and other stuff aren’t 100% safe. For Chrome and Firefox, this new malicious add-on/extension has proved it.

A security researcher has recently spotted the add-ons that’s almost impossible to delete. Deleting the add-on is very tricky and annoying as well.

Chrome

The add-on that affects chrome is named “Tiempo en colombia en vivo”. Using a method called “Forced Chrome Extension”, this extension gets installed on the browser. Not only that, it modifies system so that you can’t remove it easily from the system.

For driving away users from the extension page, this extension redirects users from “chrome://extensions/” to “chrome://apps/?r=extensions”. The redirected page only shows the installed apps in a list form. Moreover, you won’t be able to access “chrome://extensions” even by blocking JS or starting Chrome with disabled extensions.

If you wish to remove the extension from your Chrome, follow these steps.

  • Go to Chrome extension folder – “C:\Users\username\AppData\Local\Google\Chrome\User Data\Default”.

  • Search for the file “1499654451774.js” in the folder.
  • Rename the file to “1499654451774.js.old”.
  • Open Chrome and go to “chrome://extensions/”

  • The extension will appear corrupted. Delete the extension.

Firefox

Another similar type of extension is found in Firefox as well. Malwarebytes, the identifier of this add-on found it named “PUP.Optional.FFHelperProtection”. This one modifies “background.js” to block access to “about:addons” and disables users from removing it.

For uninstalling the add-on, it’s relatively easier from Chrome. Follow these steps.

  • Start Firefox in Safe mode. Run this command:
firefox -safe-mode
"C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode

Note that the file paths might be different if you installed in a different path.

  • Go to “about:addons”. Remove the add-on named “FF Helper Protection”.

Most likely, your favorite Chrome and Firefox are free from the annoying add-ons. By the time you’re reading this, this add-on might not be with the same name in the wild. As protection gets evolved, so does the malware. It’s also noteworthy that the Chrome extension proves the weakness of Play Store and Chrome Stores’ review system.

If you don’t want such add-ons to annoy you, I strongly recommend not to surf the web without caution and proper security measures. When installing any extension, read the description and review carefully.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to Backup your call and SMS history in Android

Many times we find ourselves in the situation of having to change our phone, for different reasons, and one of the questions...

Install and configure Apache Guacamole on Debian 10

Hello, friends in this post, you will learn how to install and configure Apache Guacamole in Debian 10. It will be a...

Ubuntu 20.10 available

The new version of Ubuntu is now available, under the code name "groovy gorilla". Ubuntu 20.10 focuses on improving and refining the...

Monitoring Ubuntu 20.04 with Stacer

Normally if we use Linux on a production server, it is important to monitor it. On the other hand, in everyday use, many users...

How to get the Android 11 Notification Panel

It's no secret that even though Android is the most widely used mobile operating system. Not always our device has the latest...
x