Rogue and Malicious Plugins:
Sneaky and Dangerous

Malicious or rogue plugins can be almost as dangerous as full-blown malware but potentially far easier to accidentally install, whilst flying quietly under-the-radar. How can you spot them and how can you deal with them before they capture your precious personal info?

If you’ve used almost any Internet browser in earnest then you’ve probably used a plugin or extension at some point. If not then you may have a couple and not even realise it.

That’s part of the problem. Many folks won’t realise that they’ve installed a plugin or two and simply don’t know how to check or what they are for.

On this page we’ll help you identify dodgy plugins, explain the dangers that they could pose, and show you how to find them and remove them if need be.

What are they and what do they do?

Generally speaking, plugins are fantastic little quality-of-life additions to your browser of choice which can add more functionality to established features or new features altogether.

For example you can add more keyboard shortcuts to speed up your browsing and many password managers use a plugin as a front-end to your vault and as a method to auto-fill forms or password info.

A malicious plugin, however, is a compromised plugin that is installed or incorporated into your web browser and can serve up dodgy adverts or direct you to fictitious or compromised websites; it is also capable of key logging and stealing your personal data as you type info into websites.

They can literally steal anything you type on your keyboard including sensitive data entered on financial websites. They can also install other malware that can potentially gain complete access to your machine and download other malware from the internet.

Having the latest greatest piece of IT security software is great but if you’re opening the door and making it easy for malware to infiltrate your system then you’re asking for trouble.

With a long list of potential attack vectors already being actively exploited, Java and Flash zero-day vulnerabilities to name a couple, it certainly pays to be ahead of the game.

How are you likely to get one?

These days the chances of being infected are quite high. With so many exploits and vulnerabilities about, and so many means to install third party software, there’s a good chance that if you install anything without thinking first you will end up with something bad installed on your computer.

It is also entirely possible that you install a plugin deliberately to perform a specific function, for example a different bookmark menu, and it might well perform this function perfectly well while surreptitiously harvesting your data in the background.

That’s right, plugins don’t have to be entirely rotten to be considered malicious. When you install a plugin, much like when you install an app on your phone, you will be confronted with a few permissions that the plugin requires.

This might be access to your bookmarks, contacts or settings choices depending on the plugin. Just like an app asking for permissions it doesn’t actually need, plugins might sometimes ask for permissions completely unrelated to their intended function.

It is also entirely possible that a plugin becomes malicious in some way after an update. For this reason it is a very good idea to check your plugins on a semi-regular basis: make sure none have snuck through, review the ones you have installed and get rid of any if need be.

Either you’ll have gotten rid of a plugin you don’t need and won back a few of your precious processing resources, or you might have removed a very nasty info-gathering plugin that had no positive use whatsoever. Win-win.
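
The permission review described above can be scripted. As an added example (not from the original article), this Python code takes an extension's manifest.json contents, flags permissions that reach well beyond a narrow function, and lists what an update newly asks for; the choice of flagged permissions and the two sample manifests are assumptions constructed for illustration.

```python
import json

# Real manifest permission names; which ones to flag, and the wording of the
# reasons, are this example's own judgement rather than an official list.
BROAD = {
    "tabs": "see the address and title of every open tab",
    "cookies": "read site cookies, including login sessions",
    "history": "read your browsing history",
    "webRequest": "observe the requests your browser makes",
    "clipboardRead": "read whatever you have copied",
    "nativeMessaging": "talk to programs outside the browser",
}
# Host patterns that match every website.
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def requested(manifest):
    """Collect every permission and host pattern a manifest asks for."""
    perms = set()
    for key in ("permissions", "host_permissions"):
        perms.update(p for p in manifest.get(key, []) if isinstance(p, str))
    for script in manifest.get("content_scripts", []):
        perms.update(script.get("matches", []))
    return perms

def review(manifest):
    """Return {permission: reason} for each broad permission requested."""
    findings = {}
    for perm in sorted(requested(manifest)):
        if perm in ALL_SITES:
            findings[perm] = "read and change data on every website"
        elif perm in BROAD:
            findings[perm] = BROAD[perm]
    return findings

def added_by_update(old, new):
    """Permissions the new version requests that the old one did not."""
    return sorted(requested(new) - requested(old))

# Constructed samples: a bookmark-menu plugin before and after an update.
OLD = json.loads('{"name": "Bookmark Menu", "version": "1.0",'
                 ' "permissions": ["bookmarks", "storage"]}')
NEW = json.loads('{"name": "Bookmark Menu", "version": "1.1",'
                 ' "permissions": ["bookmarks", "storage", "tabs", "cookies"],'
                 ' "host_permissions": ["*://*/*"]}')

if __name__ == "__main__":
    print("v1.0 findings:", review(OLD))
    print("added in v1.1:", added_by_update(OLD, NEW))
    print("v1.1 findings:", review(NEW))
```

A bookmark menu that starts asking for cookies and access to every site after an update is exactly the kind of mismatch between function and permissions worth acting on.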

How can I get rid of them?

Below we’ve covered where you can find your plugins/extensions/add-ons in three common browsers. If your browser of choice isn’t covered below then using your search engine of choice you’ll be able to find instructions pretty quickly.

If you use Internet Explorer, click “Tools” and select “Manage add-ons.” Then navigate the options on the left and remove any add-ons you don’t recognise or want.

For Firefox, click the “open menu” button on the top right of your browser, or click “Tools” and then “Add-ons”. Alternatively you can just press CTRL+SHIFT+A together.

In Chrome, click the menu button at the upper-right, hover your mouse over “More tools,” and select “Extensions.”

Remove any that you either don’t recognise, don’t want, or don’t need anymore.

How can I avoid them in the first place?

Be mindful of what you install: make sure you read and understand any messages before proceeding with the installation and always vet the site you’re installing from. Remember, free is not always good and not everyone is trustworthy on the internet.

Watch out for those pesky double negative tick boxes and always read the small print: you don’t necessarily have to “accept” to continue, as you do with a company’s EULA for example.

Make sure your operating systems and applications are always up to date with the latest versions if possible, have a good anti-virus or Internet Security product installed and make sure it updates regularly. No matter how careful you are, something might still slip through; your AV needs to have your back just in case.

Making sure you only install plugins from established third party vendors will help protect you, and reading the reviews first will tell you whether anyone has already been infected. Sticking to known brand names will help in keeping you safe.

Do all this, check your plugins regularly and keep that AV up-to-date and you’re as protected as you can be: security is all about preparedness, so that even if something does slip through you can deal with it ASAP!