Fake extension pushes ads and other adware

Apr 28, 2016 13:05 GMT

Security researchers from Malwarebytes have spotted a malicious Chrome extension posing as the real LastPass add-on and later helped Google remove it from their store.

The extension was named "LastPass: Free Password Manager" and it used all the logos and images of the real LastPass app to fool users into installing it in their browsers.

Once installed, the extension would request permission to show notifications and would add a button to the user's app screen.

"Once done, we clicked the icon on Chrome’s app page expecting it to execute malicious code, but instead it redirected us to a page on the website: appforchrome[DOT]com," said Jovi Umawing, security researcher at Malwarebytes.

Curiously, the fake LastPass app did not steal passwords or change browser settings, but only redirected users to ad-infested Web pages.

Researchers say that from these pages, users would be pummeled with countless ads, and later asked to install other known adware programs.

Google was told of this fake and malicious extension on their site, and the company's webmasters removed it from their Chrome Web Store.

Users who want to avoid installing fake extensions in their browsers should always use the developer's main website. In this case, the extension managed to fool users who didn't look at the low user rating score and also at the add-on's developer name, which was AdGetBlock instead of lastpass.com.
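The same verification can be applied to extensions that are already installed. The sketch below is an added example, not code from Malwarebytes, Google or LastPass: it flags any installed extension whose name contains a protected brand but whose extension ID is not on an allow-list. It assumes the allow-listed IDs were collected from links on the vendor's own website; the IDs and sample manifests shown are constructed placeholders.

```python
import json
import re
from pathlib import Path

# Assumption: IDs verified via the vendor's own website.
# The value below is a constructed placeholder, not a real extension ID.
TRUSTED_IDS = {"lastpass": {"a" * 32}}


def load_manifests(ext_root):
    """Read Chrome's Extensions/<id>/<version>/manifest.json layout."""
    found = {}
    for manifest in Path(ext_root).glob("*/*/manifest.json"):
        try:
            text = manifest.read_text(encoding="utf-8-sig")
            found[manifest.parts[-3]] = json.loads(text)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
    return found


def normalise(text):
    """Lower-case and drop punctuation/spacing so 'Last-Pass' still matches."""
    return re.sub(r"[^a-z0-9]", "", str(text).lower())


def find_impersonators(installed, trusted=TRUSTED_IDS):
    """Return (id, name, permissions) for brand look-alikes with unverified IDs."""
    hits = []
    for ext_id, manifest in sorted(installed.items()):
        name = manifest.get("name", "")
        for brand, good_ids in trusted.items():
            if brand in normalise(name) and ext_id not in good_ids:
                hits.append((ext_id, name, manifest.get("permissions", [])))
    return hits


# Constructed sample data: one verified install, one look-alike, one unrelated.
SAMPLE = {
    "a" * 32: {"name": "LastPass: Free Password Manager", "permissions": ["tabs"]},
    "b" * 32: {"name": "LastPass: Free Password Manager", "permissions": ["notifications"]},
    "c" * 32: {"name": "Some Note Taker", "permissions": []},
}

if __name__ == "__main__":
    for ext_id, name, perms in find_impersonators(SAMPLE):
        print(f"unverified '{name}' id={ext_id} permissions={perms}")
```

Extensions that store their name as a localized `__MSG_…` placeholder keep the real string in their `_locales` files, which this sketch does not read.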
