Andrei Cristian Serbanoiu Bitdefender
This paper assesses the scale of the phenomena and also presents the channels through which these types of threats propagate. The analysis continues by presenting the multiple social mechanisms that attackers have employed to persuade the users, tricking them into installing the dangerous add-ons and by doing that possibly compromising all the browser submitted data.
Furthermore, the paper stresses the dangers one exposes oneself to when installing an untrusted extension and emphasizes the vulnerabilities in the security measures imposed by the official extension repositories. Finally, we propose a means of detecting potentially dangerous add-ons based on code analysis and behavioural patterns exhibited by malicious add-ons.