Google removes the original EditThisCookie instead of the malicious copycat
Google’s Chrome Web Store is notorious for hosting malicious extensions from time to time. But what it has done now may be an all-time low, even by its standards.
Eric Parker, a popular YouTuber/security researcher, discovered that an extension called EditThisCookie was removed from the Web Store. The problem is that a similar extension, a copycat add-on to be exact, exists: it’s called EditThisCookies®. This is not just a copycat extension, it is malware. And Google hasn’t removed that extension from the Web Store; instead it has removed the original add-on, which is safe and boasts a user base of 3 million users.
The malicious extension, EditThisCookies®, was previously called EditThisCookies. The security researcher found that the extension contained a fake website. Upon digging deeper into the add-on’s code, they discovered obfuscation and code that targeted user data from Facebook. The malware also included code related to displaying advertisements and phishing attacks. While the add-on did not include code that extracts data from cookies, an update to the extension could potentially add more malicious capabilities, putting user data at risk.
Why was the original add-on removed? It looks like EditThisCookie doesn’t support Manifest V3, which is the same API that killed ad blockers like uBlock Origin.
Microsoft thinks displaying pop-up ads for Xbox PC Game Pass on Windows 11 is a good idea
Microsoft wants more users to try Xbox PC Game Pass, and convince them to purchase a subscription to the service. And the best way to do this is obviously to display an ad on Windows 11. The report reveals that the operating system is displaying a pop-up notification to promote Xbox PC Game Pass.
Another ad: that is how users would feel when reading about it. Who else is to blame for this besides Microsoft? Windows 11 displays many types of advertisements, in the Start menu, File Explorer and the Outlook app, to name a few, that promote Microsoft 365. The Weather app, which comes pre-installed with the OS, displays advertisements. Windows 11 also aggressively promotes Microsoft Edge over other browsers, and displays pop-ups and recommendations for the user to set it as the default browser.
As for this new Xbox PC Game Pass pop-up ad, Microsoft denied that these were advertisements, preferring to call them suggestions and tips. Windows 11 users would disagree. Luckily, you can turn off such notifications from the Windows 11 Settings app.
Honey Team’s Pie AdBlock steals code from uBlock Origin
Honey is once again in the news for the wrong reasons. The service, which offers online coupons to help users save money on shopping websites, was recently found to be deceiving affiliate marketers and users by replacing affiliate cookies with its own cookies. This would allow it to earn money instead of the affiliates. It was also revealed that Honey did not display the best coupons available, instead promoting coupons from its partners, potentially making users spend more money than they would have had to with better discounts.
Now, developers have found that the Pie Adblock extension is stealing code from uBlock Origin. Pie Adblock, not to be confused with Pi-Hole, was created by the same people behind Honey. Pie Adblock is a closed-source extension, while uBlock Origin is open-source. Both content blockers use lists that are created and managed by the uBlock Origin team, which is mostly volunteers. These lists, also called filter lists, enable add-ons to block various advertisements on websites. Honey’s Pie Adblock allegedly stole these lists, which are licensed under the GNU General Public License (GPL), and used them in its own add-on, which uses its own license.
Extracting code, or copying something that uses the GPL in a non-GPL product, violates the agreement, and is illegal. Some users alleged that Pie Adblock replaces some ads to promote others. The developers of uBlock Origin have criticized Pie Adblock’s unethical practices, but it is unclear what the outcome of this new controversy may be.
Even ESET thinks switching to Linux is better than sticking with Windows 10
Windows 10 will reach its end of life support in October 2025. Millions of users around the world still use the operating system for various reasons. Some users don’t like Windows 11 because of ads and potential performance degradation. Others cannot upgrade their computers to Windows 11 due to some strict system requirements, especially TPM 2.0. Microsoft has made it clear that it will not lower the requirements, and users should upgrade their PCs or purchase a new computer that supports Trusted Platform Module 2.0 to ensure the security of their data.
Not everyone has the financial ability to upgrade their PC, even partially, let alone spend on a brand new system. This will leave millions of users stuck on Windows 10. A security researcher from ESET has published a support document on the company’s website, which outlines the risks of sticking with an older operating system. It highlights the potential for security vulnerabilities that can be exploited by threat actors. ESET’s article advises users to upgrade to Windows 11, but also notes that switching to Linux is a good idea even for older computers, i.e. those that do not support TPM 2.0.
Malware was inserted into these Chrome extensions
Hackers have managed to breach a cyber security company called Cyberhaven and inject malicious code into its Chrome extension. The organization confirmed that it learned of the attack on December 25, 2024, just a day after the breach. According to the company report, threat actors published malicious extensions to target logins to certain websites, including AI platforms and social networks including Facebook. Cyberhaven managed to remove the malicious extension from the Chrome Web Store, and published a clean version of its add-on. The company has alerted its users and advised them to reset/change their passwords.
What’s interesting here is that this was not an isolated case: at least three other extensions were targeted with similar attacks in December. These include ParrotTalks, Uvoice and VPNCity. Chrome users are advised to check if any of these extensions are installed on their PC and take action as required.
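
One way to run the check suggested above, as an added example that is not from the article or from any of the vendors named: it walks a Chrome profile's Extensions folder, resolves each extension's display name (including localized `__MSG_...__` names) and reports the manifest version. The watchlist holds only names mentioned in this article; a name match is a prompt to review the extension, not proof of compromise.

```python
import json
import sys
from pathlib import Path

# Display names mentioned in the article; a match means "review this", not proof.
WATCHLIST = ["EditThisCookies", "Cyberhaven", "ParrotTalks", "Uvoice", "VPNCity"]


def _norm(text):
    """Lowercase and keep only letters/digits ('EditThisCookies®' -> 'editthiscookies')."""
    return "".join(ch for ch in text.lower() if ch.isalnum())


def _display_name(version_dir, manifest):
    """Resolve '__MSG_key__' names through _locales/<default_locale>/messages.json."""
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].lower()  # message keys are case-insensitive
        locale = manifest.get("default_locale", "en")
        try:
            text = (version_dir / "_locales" / locale / "messages.json").read_text("utf-8-sig")
            for k, v in json.loads(text).items():
                if k.lower() == key:
                    return v.get("message", name)
        except (OSError, ValueError, AttributeError):
            pass  # unreadable or malformed locale file: keep the raw placeholder
    return name


def audit_extensions(extensions_dir):
    """Return one record per <extension id>/<version>/manifest.json found."""
    findings = []
    for manifest_path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text("utf-8-sig"))
        except (OSError, ValueError):
            continue  # skip damaged manifests
        name = _display_name(manifest_path.parent, manifest)
        findings.append({
            "id": manifest_path.parts[-3],
            "name": name,
            "manifest_version": manifest.get("manifest_version"),
            "watchlisted": any(_norm(w) in _norm(name) for w in WATCHLIST),
        })
    return findings


if __name__ == "__main__" and len(sys.argv) > 1:
    print(*audit_extensions(sys.argv[1]), sep="\n")
```

Pass the profile's Extensions folder as the argument, for example `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions` on Windows or `~/.config/google-chrome/Default/Extensions` on Linux. The original EditThisCookie is deliberately not flagged, since only the copycat's name ends in "Cookies".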