As we do more and more of our day-to-day tasks online, our web browsers have become an irreplaceable tool for many people. Often, we decide to augment the default behavior of these browsers with browser extensions to provide custom functionality to our browsers in order to make the tasks that we perform online easier. However, with the introduction of browser extensions comes a large attack vector that could be used to serve us advertisements, circumvent web security features, or even gain access to our computer. In the case of mobile apps, relying on the official "store" significantly reduces the risk of installing malicious software. Unfortunately, in the case of browser extensions, the official web stores are not nearly as efficient in recognizing malicious extensions, with there being several cases of malicious browser extensions making it onto the Google Chrome Web Store and being ranked ahead of the legitimate extensions in search results:
Since CyberPoint is in the business of protecting what is invaluable to you, I hope to provide some guidance as how to better avoid malicious extensions.