Hackers are using malicious browser extensions to infect both Google Chrome and Microsoft Edge with dangerous malware

As reported by The Hacker News, this recently discovered malware campaign has been active since 2021 and has affected at least 300,000 Chrome and Edge users to date

What makes this malware particularly dangerous is its ability to persist on infected PCs This means that even if you remove the malicious extension, the malware will reactivate the next time you restart your computer

Here is what you need to know about this malware campaign and how to actually remove the malicious extensions used in this campaign once and for all

Like other malware campaigns, this campaign uses malvertising to trick unsuspecting users into downloading and installing dangerous software

The hackers behind it create look-alike sites that impersonate popular software and services such as Roblox FPS Unlocker, YouTube, VLC media player, Steam, and Keepass Potential victims think they are installing legitimate software and extensions, but in reality they are downloading a Trojan horse that installs malicious extensions used by this malware “

Since this malware affects both Chrome and Edge, the same process must be repeated for the Edge extension in this path: “ComputerHKEY_LOCAL_MACHINE}/SOFTWARE}/Policies/Microsoft /Edge/Edge/ExtensionInstallForcelist”

You can remove the malware files yourself, but it is much better to remove them using the best anti-virus software solution If you want to remove it manually, you can find instructions at the end of the ReasonLabs blog post linked above

Going through the process of removing these malicious extensions and the malware they drop on your PC will make you think twice before downloading new software or browser extensions from untrusted sources If you choose to download a new extension, do so from the Chrome Web Store or the Microsoft Edge add-on store