Kaspersky Lab and Yandex experts reported the discovery of a large-scale malicious campaign using more than 20 browser extensions. Among them are Frigate Light, Frigate CDN and SaveFrom with a total audience of more than 8 million people. Kommersant writes about this.
According to experts, using a browser with at least one of the malicious extensions jeopardizes privacy in the VKontakte social network. Attackers can gain access to the account to get likes and watch videos.
Extensions are managed from a remote server and generate traffic by playing videos in hidden tabs on the user's PC. At the same time, malicious code includes protection against detection, so in most cases, the activation of malicious extensions can only be noticed by slowing down the device and compromising accounts.
Yandex has already disabled these extensions in Yandex.Browser, and Kaspersky Lab blocks such activity on devices where the company's products are installed. The results of the investigation were also transmitted to the developers of VKontakte and popular browsers to help them prevent such attacks.