The National Telecom and Information Technology Security Board (NTISB) has issued an urgent warning for internet users to avoid 16 specific browser extensions. These extensions, including widely used AI tools and VPNs, are believed to be exploited by hackers to steal personal data and compromise security.
Hackers Target Popular Browser Extensions
According to the NTISB, hackers are increasingly taking advantage of popular browser extensions to access sensitive user information. These cybercriminals use vulnerabilities in the extensions to target data from social media, banking apps, and various online services.
Also read: How to Keep Your Computer Protected from Online Cyber Threats
Browser extensions are small software programs installed within web browsers like Google Chrome, Mozilla Firefox, or Microsoft Edge to add additional functionality. Unlike apps, which run on devices, extensions operate directly in the browser, making them easier targets for exploitation.
How Browser Extensions Function and Their Security Risks
While extensions serve a variety of functions—such as note-taking, text editing, content downloading, password storage, and ad-blocking—they often require access to sensitive data for full functionality. This need for permissions to interact with user data creates a vulnerability, particularly for free extensions, which do not generate revenue through subscriptions or ads and therefore lack the same level of security investment.
Many of these free extensions are developed by third parties, which increases the risk of data theft or malware infections. Unlike apps that typically face stricter controls, browser extensions are more prone to being compromised.
The 16 Compromised Extensions
The NTISB has flagged 16 browser extensions as potentially dangerous. Among the list are AI-powered extensions such as AI Assistant — ChatGPT, GPT 4 Summary with OpenAI, Bard AI Chat Extension, and Wayin AI. Several VPN extensions, including VPNCity and Internxt VPN, are also on the list, which is significant given the growing popularity of VPNs in Pakistan.
Other extensions identified in the NTISB advisory include Vidniz Flex Video Recorder, VidHelper Video Downloader, Bookmark Favicon Changer, and Trackker — Online Keylogger Tool. These are suspected of being compromised to collect personal information or even inject malware into users’ browsers.
Large-Scale Cyber Attack Targets Millions of Users
Last month, a significant cyber attack targeted 35 browser extensions, including the 16 highlighted by the NTISB. This attack exposed over 2.6 million users to potential data and credential theft. One of the compromised extensions, Cyberhaven, revealed that hackers had infiltrated the extension, allowing them to upload a malicious version to the Chrome Web Store.
Also Read: WannaCry, RansomWare: A Cyber Attack That Hits Million PCs Around The World
The NTISB has emphasized that hackers are taking advantage of “legitimate” extensions by adding malicious code to capture users’ personal data, including login credentials and banking information.
Safety Precautions for Browser Extension Users
To mitigate the risks, the NTISB has urged users to avoid installing any of the flagged extensions and recommended using verified alternatives. The advisory stressed that users should only download extensions from trusted developers, thoroughly review the requested permissions before installation, and regularly update or remove any unnecessary extensions to minimize exposure to threats.
The Risk of Free VPN Extensions
Two of the extensions listed in the NTISB advisory—VPNCity and Internxt VPN—are VPNs, which have become essential tools for users trying to access restricted content. Since last year, VPN usage has surged in Pakistan, largely due to local bans on platforms like X (formerly Twitter) and increasing efforts to bypass disruptions caused by internet outages.
However, experts warn that many free VPN services, particularly browser extensions, come with significant security risks. Simon Migliano, head of research at Top10VPN.com, notes that while some free VPN services may be safe, many others put users at risk by leaking IP addresses, DNS data, and other sensitive information. In a June 2024 study, Top10VPN found that 88% of free VPN services had security flaws, such as data leaks.
Also Read: PTA Seeks to Limit Usage of VPN, the Government Seeks to Tax Social Media
Migliano explained that providing a reliable VPN service comes with high costs, meaning that free VPNs often monetize user data through aggressive advertising or by selling it to third-party companies. As a result, he urged users to carefully research VPN services, read reviews, and avoid free options that seem too good to be true.
Conclusion
With hackers increasingly exploiting browser extensions to steal personal information, users must be vigilant. To minimize the risk of data breaches, it’s crucial to install only trusted extensions, avoid free VPNs, and take proactive steps to secure online data.
