Google Chrome users beware: a series of new extensions claiming to add customisation options to your Facebook profile are in fact malicious tools created by hackers intended to hijack your social networking accounts.
Hiding in plain sight on the official Google Chrome web app store, installing one of the extensions results in a Chrome user losing control of their Facebook account, which then spams all the people on the user’s Facebook friends list with links to the extension and adding “Likes” to pages.
As if the presumed credibility given to the extensions thanks to their visibility on the official store wasn’t enough, the nasty add-ons are also being advertised on Facebook too! Again claiming to offer customisation options, the adverts redirect to the Chrome store, giving the impression to naive web users that the extension is endorsed by both Google and Facebook.
To make matters worse, the extensions are also masquerading as reputable apps, with one listed as the Adobe Flash Player, adding further confusion to the situation.
The extensions are thought to be used by scammers (in this case based in Brazil) who’ve been paid to artificially increase a Facebook page’s number of fans.
Security experts are now urging users to check and then double-check Chrome extensions’ credentials before adding them to the browser.