The fake Microsoft Authenticator utility that ‘was around’ on the Chrome Web Store for almost a month has just been removed

 312 total views

2021-05-20 09:09:37

Despite Google’s tireless efforts, news of malware-laden extensions being found on the Chrome Web Store is not uncommon. However, the fact that an extension “dares” to disguise itself under the guise of a product of a large technology company like Microsoft, not only that, can “loose” exist on the Chrome Web Store for nearly a month. recently removed, it is a strange case that is somewhat interesting.

That’s exactly what happened to a Chrome browser extension called “Microsoft Authenticator” – which masquerades as Microsoft’s service of the same name. With that said, the interesting thing is that this fake extension has existed on the Chrome Web Store for nearly a month, attracting a significant number of installs before being discovered and removed by Google security team recently .

If you do not know, Microsoft Authenticator is a relatively famous security software. It serves as an additional security tool, allowing you to securely access your account using a multi-factor authentication code. However, it is important to note that this feature is only available for mobile devices and is not supported on the web platform.

Back to the fake Microsoft Authenticator. This malicious extension – somehow “miraculously” – bypassed Google’s strict authentication process and reached the Chrome Web Store. Interestingly, its publisher name is “Extensions” instead of “Microsoft”, but not many people realize this, including Google experts.

Fake Microsoft Authenticator gadget

According to the hacker who goes by the nickname “gacks”, who first discovered this illegal extension, it has been on the store since at least April 23, and has only recently been removed. not long ago. As of May 18, the fake Microsoft Authenticator has obtained hundreds of downloads with a 3-star rating. This add-on has the behavior of redirecting users to a website hosted in Poland, and asking them to create an account. Apparently, this is a piece of malware designed with the goal of collecting login information from deceived users.

Although Google has now removed the extension, there are concerns about the consequences as it has been around for nearly a month on the Chrome Web Store and has racked up hundreds of downloads.

In a related statement, Microsoft emphasized that it has never released an extension for the Microsoft Authenticator tool, and encourages users to actively and proactively report such issues to the Chrome admin team. Web Store. Meanwhile, the Google side declined to comment on the failure of the authentication process that they are always proud of.


#fake #Microsoft #Authenticator #utility #Chrome #Web #Store #month #removed

Related Posts

Leave a Reply

Your email address will not be published.

Close Bitnami banner