Security News > 2023 > June > Malicious Chrome extensions with 75M installs removed from Web Store
Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or unwanted ads.
Cybersecurity researcher Wladimir Palant analyzed the PDF Toolbox extension available from Chrome Web Store and found that it included code that was disguised as a legitimate extension API wrapper.
At the time of Palant publishing the second post, all of the extensions were still available in the Chrome Web Store.
Although the researcher did not observe any clear malicious activity, he noted that there are numerous user reports and reviews on the Web Store indicating that the extensions were performing redirections and search result hijacking.
Responding to a request for comment from BleepingComputer before Avast published its findings, a Google spokesperson said that the "Reported extensions have been removed from the Chrome Web Store."
Users should note that the removal of the extensions from the Chrome Web Store does not automatically deactivate or uninstall them from their browsers, so manual action is required to eliminate the risk.