Comment on Popular Chrome extensions hijacked by hackers in widespread cyberattack
LogicalDrivel@sopuli.xyz 1 month ago
The extensions in question in case you can’t access the article.
- Blipshot (one click full page screenshots)
- Emojis - Emoji Keyboard
- WAToolkit
- Color Changer for YouTube
- Video Effects for YouTube and Audio Enhancer
- Themes for Chrome and YouTube™ Picture in Picture
- Mike Adblock für Chrome | Chrome-Werbeblocker
- Page Refresh
- Wistia Video Downloader
- Super Dark Mode
- Emoji Keyboard Emojis for Chrome
- Adblocker for Chrome - NoAds
- Adblock for You
- Adblock for Chrome
- Nimble Capture
- KProxy
FrostyPolicy@suppo.fi 1 month ago
All of these already sound shady.
jarfil@beehaw.org 1 month ago
I had the “Page Refresh” one… disabled, but still installed. There are multiple “[Auto] [Easy] Page/Tab Refresh/Reload” extensions in the store, hard to pick one that won’t go rogue.
FrostyPolicy@suppo.fi 1 month ago
“Page refresh”. You mean F5 (or ctrl + r) right?
jarfil@beehaw.org 1 month ago
Yes, every 30 seconds, for hours on end.
Useful for many things, starting with CI/CD status panels.
fuckwit_mcbumcrumble@lemmy.dbzer0.com 1 month ago
A lot harder to do when it’s not on your computer. At work we have some TVs displaying a web oage full screen. I’m not gonna vnc in just to hit F5 every 30 minutes.
Fifrok@discuss.tchncs.de 1 month ago
Some of them also sound pointless, e.g the emoji keyboards. I know for a fact windows, macos and chromeos have inbuild emoji selectors. On linux KDE also has an selector, idk about gnome but even if it doesn’t have one there’s probably a shell exstention for that, there’s also an app called grin (or maybe smile? can’t be bothered to google rn). I literally can’t see a reason to use an web extension over those.