430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Watch out! ‘The Great Suspender’ Chrome extension contains Malware

Google removed the popular The Great Suspender from the official Chrome Web Store for containing malware and deactivated it from the users’ PC. Google on Thursday removed The Great Suspender extension from the Chrome Web Store. Million of users have installed the popular Chrome extension, the IT giant also took the proactive measure of deactivating it from […]

Google Chrome Gemini Live

Google removed the popular The Great Suspender from the official Chrome Web Store for containing malware and deactivated it from the users’ PC.

Google on Thursday removed The Great Suspender extension from the Chrome Web Store. Million of users have installed the popular Chrome extension, the IT giant also took the proactive measure of deactivating it from users’ computers.

The extension had more than two million installs before it was removed from the Chrome store. The extension was used to suspend tabs that aren’t in use with the intent of saving resource. The extension replaces the suspended pages with a blank page until the users decide to use it again.

“This extension contains malware,” read the notification published by Google.

Experts discovered that a new maintainer of the extensions has secretly added a feature that could be exploited to remotely execute arbitrary code.

The malicious code could be exploited to carry out malicious activities, such as committing advertising fraud.

“The old maintainer appears to have sold the extension to parties unknown, who have malicious intent to exploit the users of this extension in advertising fraud, tracking, and more. In v7.1.8 of the extension (published to the web store but NOT to GitHub), arbitrary code was executed from a remote server, which appeared to be used to commit a variety of tracking and fraud actions. After Microsoft removed it from Edge for malware, v7.1.9 was created without this code: that has been the code running since November, and it does not appear to load the compromised script. The malicious maintainer remains in control, however, and can introduce an update at any time. Well, they could until Google nuked the extension from their store.” reads a post published by Calum McConnell on GitHub. “The Great Suspender has been removed from the Chrome Web Store.” 

Microsoft blocked The Great Suspender extension since November for the presence of malicious code.

The extension’s original creator Dean Oemcke sold the extension in June 2020 to an unidentified party, since then the new maintainer uploaded two new versions on the Chrome store, 7.1.8 and 7.1.9.

If you have lost tabs due to the extension being removed read the following post:

“The extension comes with its own tab history management UI to help users recover from lost tabs. Go to the extension options page (from ‘settings’ in the popup or ‘options’ when right-clicking on the extension). Then in the settings sidebar click on ‘Session management’. This will show you your most recent tab sessions. You can click on each session to see more detail on the individual windows and tabs it contains. To reload a session, simply click the ‘reload’ link. This will reload all windows and tabs in an ‘unsuspended’ state. If your session contains a very large number of tabs, then you might instead want to click ‘resuspend’ which will be much faster as it reloads the tabs in a suspended state.”

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Chrome)

[adrotate banner=”5″]

[adrotate banner=”13″]