14 DAY TRIAL // Belgian security researcher Bart Blaze has come across a new method of pushing Chrome extensions using scareware tactics.
The researcher noticed this new trick while surfing the Web. When on a particular site he did not want to name, he saw an annoying popup trying to scare users into thinking their browser contained malware.
"Your browser contains MALWARE. You have to install Chrome Malware Removal tool," the popup read, and when the user pressed OK, it would redirect them to a Google Chrome Web Store page, where they could install the Chrome Malware Removal Tool extension.
Trying to figure out if the website he was visiting was somehow hacked and compromised to show such annoying popups, the researcher couldn't find anything suspicious in the source code.
He did find the source of the popup, but not in the site itself, but in a script loaded by a third-party service that the website had contracted to show its EU Cookie Law consent popups.
The EU Cookie Law popup was secretly loading the second pop-up, which it was using to push the shady Chrome extension down the user's throat.
And we say "shady" because, if you take a look at the Chrome extension's user reviews, half of them are from users accusing the tool of being malware itself.
"Stay clear from scripts offered by 3rd party EU cookie consent websites and rather create your own pop-up," Blaze advises fellow webmasters.
