Over 35 Chrome extensions offering a wide range of services are behaving suspiciously or dubiously. All are unlisted, meaning they are invisible to users unless users possess a URL. Some 4 million installs of these extensions have been made, yet many are difficult to find. Ten are stamped the ‘Featured’ designation, indicating Google has verified their developers. ‘Fire Shield Extension Protection’, for example, seems to check for malicious Chrome extensions, but references dubious domains in its code.
If you have these apps on your smartphone, delete them right away, they contain malware.
Cybersecurity researchers have identified a sophisticated spyware called KoSpy that hides within popular Android applications. Capable of hiding in utility applications, the malware tracks location,
