Remove These 17 Malware Browser Extensions from GhostPoster Now
Malicious browser extensions can pose a significant threat to your online security. Recent research from LayerX uncovered 17 such extensions linked to the GhostPoster malware campaign, active across Chrome, Firefox, and Edge browsers.
Identification of Malicious Extensions
The GhostPoster campaign first emerged in December, with Koi Security initially identifying these dangerous add-ons. Although these extensions have been removed from official stores, if you’ve previously downloaded them, you need to delete them manually.
Impact of GhostPoster
- Monitors browsing history
- Strips security protections
- Facilitates remote code execution
- Weakens website security
- Hijacks affiliate traffic
- Injects unauthorized scripts
The malware is particularly insidious, hiding in the extension’s PNG logo. This clever strategy allowed GhostPoster to maintain a low profile for as long as five years.
List of Malicious Browser Extensions
LayerX’s investigation has revealed the following extensions involved in the campaign:
- Google Translate in Right Click
- Translate Selected Text with Google Ads
- Block Ultimate Floating Player – PiP Mode
- Convert Everything
- YouTube Download
- One Key Translate
- AdBlocker
- Save Image to Pinterest on Right Click
- Instagram Downloader
- RSS Feed
- Cool Cursor
- Full Page Screenshot
- Amazon Price History
- Color Enhancer
- Translate Selected Text with Right Click
- Page Screenshot Clipper
Some of these extensions were quite popular. For example, “Google Translate in Right Click” had over half a million installations, highlighting the potential risk for many users.
Conclusion
If you have these or similar extensions installed, it’s crucial to remove them immediately. Their malicious functions can severely compromise your online privacy and security. Stay informed and protect your digital environment by regularly reviewing your browser extensions.
