A browser plugin (also known under the term ‘browser plug-in’) is an optional application that provides more features and functions to the web browsers. Browsers are designed to show static HTML pages, and various plugins allow viewing or accessing dynamic content, for example, audio, video or graphic content, playing online games, and so on. Browser plugins can work as independent components, and this feature might be a huge security vulnerability. Just like any other software, plugins have to be up-to-date; otherwise, they might be responsible for making computer vulnerable and allowing security attacks. Outdated plugins do not have latest security fixes and updating them manually is often inconvenient for the people. What is more, while browsing the Web some users might receive an alert that particular content cannot be shown due to the missing plugin. For instance, people might be suggested to install Java, Adobe Flash or video and audio streaming apps. Often the alerts offer to install them directly or provide download links. Though, their installation might be dangerous if they are provided by unknown third-parties. The majority of browser developers collaborate with plugin developers to find new ways how to integrate particular plugins in the browsers and update them automatically in order to help and protect users.
Generally speaking, browser plugins are supposed to be useful and helpful applications that enhance browsing experience. For example, some legitimate plugins allow quick access to particular search services, help to increase productivity, block online ads or change browser’s interface. However, not all of them are designed to give benefit for the user. Apart from legitimate plugins, there are malicious ones that are created for giving benefit to its developers only. Meanwhile, users have to deal with various issues while browsing the Internet. Some of the malicious apps might provide an excessive amount of ads, initiate redirects and install third-party applications. What is more, they might track information about the users and use it for various purposes. Nevertheless, aggregated data is mostly used for online advertising; this activity might also lead to the privacy issues. Malicious browser plugins are closely related to potentially unwanted programs (PUP), such as adware or browser hijackers, because of their similar functionality and ability to get inside the system unnoticed. Causing inconveniences and interfering browsing session is not the only negative aspect. These issues might also lead to serious infections, malware attacks or personal data loss.
The dangers of malicious browser plugins
Nevertheless, browser plugins are supposed to expand browser’s functionality; not all of them do that. Some of them distract browsing sessions and force browsers to act suspiciously. Therefore, identification of malicious plugin is quite simple because they might interfere browsing sessions by delivering various forms of online ads in an aggressive way, altering browser’s settings or installing third-party applications. All these activities not only diminishes browsing quality but also raises dangers to the computer and its user:
- An excessive amount of commercial content. Some plugins are designed to deliver an excessive amount of online ads, such as pop-ups, banners, in-texts, links, etc. They might aggressively bombard the browser; however, even accidental click on them might end up with a virus attack or online scam. Some of the ads delivered by malicious browser plugins might be the part of malvertising campaigns, trick to install or purchase bogus software or involve in an online scam.
- Redirects. Particular plugins might initiate redirects to the third-party websites. Often these redirects are triggered when a user clicks on particular field or link on the website, and instead of being redirected to the proper place, he or she ends up on the third-party domain. The problem is that these Internet sites might be infected, misleading or related to other cyber crimes, such as Tech Support Scam.
- Installation of unknown applications. Malicious plugins also might be capable of installing third-party apps, extensions, toolbars or other plugins without notifying about it. Also, some applications might alter browser’s settings and force to use suspicious search engines. There’s no doubt that these tools might expose people to other online dangers. Unknown tools might also be responsible for delivering aggressive and potentially dangerous commercial content. What is more, they might be responsible for tracking sensitive information and sharing it with affiliates.
- Tracking data. Ability to track information about the users might lead to serious privacy-related issues. Usually, malicious plugins are collecting non-personally identifiable information that is related to browsing history and habits. However, sometimes they are trying to steal sensitive and personally identifiable information. This might lead to such problems as data breach, money loss, stolen login credentials or even identity theft.
These four main dangers are quite similar to possible threats that might be caused by potentially unwanted programs. Indeed, PUPs and malicious plugins are often related, because they help each other to travel and infiltrate computers.
Installation methods of the malicious plugins
Malicious plugins need permission to get inside the computer and help to spread on the Web. Differently than viruses, these cyber parasites cannot travel and infiltrate computers themselves. Developers of these apps use several distribution strategies that involve computer users as well. Without computer owner’s permission, malicious apps cannot get inside the system. Though, this permission might be given both – directly and indirectly. The most common methods used by the developers are based on tricking people to install these programs themselves or using deceptive software marketing technique “bundling.”
“Bundling” is the main distribution method for the potentially unwanted programs. As mentioned earlier, malicious plugins and PUPs are closely related; hence, it explains why the same method is used for plugins distribution as well. These applications can be added to the software packages as optional components. When people install freeware or shareware, they might see pre-selected programs and reject their installation. However, it requires using Advance/Custom installation mode, and sadly, the majority of computer users rely on Quick/Recommended settings. The latter settings to do not disclose about these additional components and using them gives extra components permission to enter the system. What is more, the advanced installation itself does not protect from malicious plugins and PUPs. The user has to monitor the process and to opt out these entries himself or herself. Moreover, having adware, browser hijacker or other potentially unwanted application installed on the device might also help malicious plugins to be installed. Some of these applications are capable of installing them silently.
Malicious browser plugins might also be represented as useful, reliable and legitimate tools. For this reason, users might be tricked to install them voluntarily. Some of these programs might be promoted as advanced search engines, ad-blocking tools or expand browser’s functionality in a different way.
Nevertheless, the majority of plugins are capable of operating in different Web browsers; Internet Explorer is worth specific attention. This web browser, as well as other Microsoft services, have ActiveX controls that are often responsible for various security vulnerabilities and problems. ActiveX controls are legitimate, but users are advised to avoid their installation. While browsing the Web using Internet Explorer, some websites might alert and suggest installing particular ActiveX controls. However, instead of installing them, users might install malicious plugin, script or malware itself. What is more, on the infected website ActiveX controls and their vulnerabilities might be used for cyber attacks. As a result, people might notice not only increased amount of online ads but also to deal with serious cyber threats, computer-related or privacy-related issues.
Elimination of malicious browser plugins
Malicious plugins put computers and their owners at risk. It doesn’t matter how huge or small the damage might be; there’s no need to risk and wait. It’s important to remove them as soon as they are noticed on the system. The signs of having malicious browser plugin installed are evident – from seeing tons of online ads to losing sensitive information. Some of these applications might be easily found and eliminated from the system manually; however, they might be related to other malicious entries that might be hard to locate. For this reason, it’s recommended to rely on automatic elimination option. It requires using a reputable anti-malware or anti-spyware programs. Tools such as Reimage or Malwarebytes Anti Malware can scan computer system and within several minutes detect malicious components. However, it’s crucial to use up-to-date tools because only they can detect and identify the latest cyber parasites. It rarely happens, that professional tools fail to clean the computer. Unfortunately, developers of malicious programs become better and better every day and find new ways how to trick security software. In this case, computer users have any other choice, just to investigate the system themselves and get rid of the dangerous entries manually.
Latest browser plugins in the database
Additional information added on 2017-02-28