This article examines the rise of deceptive browser extensions within the digital ecosystem, highlighting their potential security threats to usersβ data and privacy. The extensions often utilize manipulative tactics to inflate their ratings and can transmit sensitive user information to third parties. As the volume of such misleading applications increases, trust in digital platforms diminishes, posing significant challenges for security measures. Affected: individuals, organizations, digital security ecosystem
Keypoints :
- Deceptive browser extensions can harvest usersβ data or compromise privacy.
- Over 20 newly registered websites lure users into installing these extensions.
- Common traits among these extensions include manipulated ratings and external data transmission.
- Security researchers can identify suspicious extensions by examining reviews and code.
- The rise of βAI Slopβ indicates a surge in low-quality, untested extensions flooding the market.
- Users face challenges in distinguishing between legitimate and deceptive applications.
- Security systems struggle to keep pace with rapidly evolving AI-generated threats.
MITRE Techniques :
- T1071 β Application Layer Protocol: Extensions send user data to external servers.
- T1071.001 β Web Protocols: Use of HTTP/S to transmit potentially sensitive information.
- T1114 β Email Collection: User input from the extensions may be captured without consent.
- T1069 β Permission Requests: Excessive permissions requested by extensions raise security flags in analysis.
Indicator of Compromise :
- [Domain] ai-chat-bot[.]pro
- [Domain] ai-sentence-rewriter[.]com
- [Domain] pdf-to-jpg[.]app
- [Extension ID] jmpcodajbcpgkebjipbmjdoboehfiddd
- [IP Address] 164.90.199[.]205
Full Story: https://dti.domaintools.com/deceptive-browser-extensions-google-store-ai-slop/