|
|
Chrome Web Store 中有多达 111 个扩展秘密收集用户敏感数据,而它们被总计下载了 3296 万次,Google 官方已经将其下架。这些恶意扩展被发现会收集屏幕截图、设备剪贴板内容,用户登陆网站的浏览器 Cookies,密码等按键。绝大部分扩展都是模块化的,安装之后可以用可执行文件进行更新。
各位聚聚可以按照如下步骤操作看看自己有没有中招。
1.在 Chrome 中输入 chrome://extensions/ 打开扩展程序页面
2.在该页面按下F12,在Console 控制台中运行以下代码,回车,✅为无风险,❌为风险项
// https://awakesecurity.com/wp-content/uploads/2020/06/GalComm-Malicious-Chrome-Extensions-Appendix-B.txt
malicious = [
"acmnokigkgihogfbeooklgemindnbine",
"apgohnlmnmkblgfplgnlmkjcpocgfomp",
"apjnadhmhgdobcdanndaphcpmnjbnfng",
"bahkljhhdeciiaodlkppoonappfnheoi",
"bannaglhmenocdjcmlkhkcciioaepfpj",
"bgffinjklipdhacmidehoncomokcmjmh",
"bifdhahddjbdbjmiekcnmeiffabcfjgh",
"bjpknhldlbknoidifkjnnkpginjgkgnm",
"blngdeeenccpfjbkolalandfmiinhkak",
"ccdfhjebekpopcelcfkpgagbehppkadi",
"cceejgojinihpakmciijfdgafhpchigo",
"cebjhmljaodmgmcaecenghhikkjdfabo",
"chbpnonhcgdbcpicacolalkgjlcjkbbd",
"cifafogcmckphmnbeipgkpfbjphmajbc",
"clopbiaijcfolfmjebjinippgmdkkppj",
"cpgoblgcfemdmaolmfhpoifikehgbjbf",
"dcmjopnlojhkngkmagminjbiahokmfig",
"deiiiklocnibjflinkfmefpofgcfhdga",
"dipecofobdcjnpffbkmfkdbfmjfjfgmn",
"dopkmmcoegcjggfanajnindneifffpck",
"dopmojabcdlfbnppmjeaajclohofnbol",
"edcepmkpdojmciieeijebkodahjfliif",
"ekbecnhekcpbfgdchfjcfmnocdfpcanj",
"elflophcopcglipligoibfejllmndhmp",
"eogfeijdemimhpfhlpjoifeckijeejkc",
"fcobokliblbalmjmahdebcdalglnieii",
"fgafnjobnempajahhgebbbpkpegcdlbf",
"fgcomdacecoimaejookmlcfogngmfmli",
"fgmeppijnhhafacemgoocgelcflipnfd",
"fhanjgcjamaagccdkanegeefdpdkeban",
"flfkimeelfnpapcgmobfgfifhackkend",
"fmahbaepkpdimfcjpopjklankbbhdobk",
"foebfmkeamadbhjcdglihfijdaohomlm",
"fpngnlpmkfkhodklbljnncdcmkiopide",
"gdifegeihkihjbkkgdijkcpkjekoicbl",
"gfcmbgjehfhemioddkpcipehdfnjmief",
"gfdefkjpjdbiiclhimebabkmclmiiegk",
"ggijmaajgdkdijomfipnpdfijcnodpip",
"ghgjhnkjohlnmngbniijbkidigifekaa",
"gllihgnfnbpdmnppfjdlkciijkddfohn",
"gmmohhcojdhgbjjahhpkfhbapgcfgfne",
"gofhadkfcffpjdbonbladicjdbkpickk",
"hapicipmkalhnklammmfdblkngahelln",
"hijipblimhboccjcnnjnjelcdmceeafa",
"hmamdkecijcegebmhndhcihjjkndbjgk",
"hodfejbmfdhcgolcglcojkpfdjjdepji",
"hpfijbjnmddglpmogpaeofdbehkpball",
"ianfonfnhjeidghdegbkbbjgliiciiic",
"ibfjiddieiljjjccjemgnoopkpmpniej",
"inhdgbalcopmbpjfincjponejamhaeop",
"iondldgmpaoekbgabgconiajpbkebkin",
"ipagcbjbgailmjeaojmpiddflpbgjngl",
"jagbooldjnemiedoagckjomjegkopfno",
"jdheollkkpfglhohnpgkonecdealeebn",
"jfefcmidfkpncdkjkkghhmjkafanhiam",
"jfgkpeobcmjlocjpfgocelimhppdmigj",
"jghiljaagglmcdeopnjkfhcikjnddhhc",
"jgjakaebbliafihodjhpkpankimhckdf",
"jiiinmeiedloeiabcgkdcbbpfelmbaff",
"jkdngiblfdmfjhiahibnnhcjncehcgab",
"jkofpdjclecgjcfomkaajhhmmhnninia",
"kbdbmddhlgckaggdapibpihadohhelao",
"keceijnpfmmlnebgnkhojinbkopolaom",
"khhemdcdllgomlbleegjdpbeflgbomcj",
"kjdcopljcgiekkmjhinmcpioncofoclg",
"kjgaljeofmfgjfipajjeeflbknekghma",
"labpefoeghdmpbfijhnnejdmnjccgplc",
"lameokaalbmnhgapanlloeichlbjloak",
"lbeekfefglldjjenkaekhnogoplpmfin",
"lbhddhdfbcdcfbbbmimncbakkjobaedh",
"ldoiiiffclpggehajofeffljablcodif",
"lhjdepbplpkgmghgiphdjpnagpmhijbg",
"ljddilebjpmmomoppeemckhpilhmoaok",
"ljnfpiodfojmjfbiechgkbkhikfbknjc",
"lnedcnepmplnjmfdiclhbfhneconamoj",
"lnlkgfpceclfhomgocnnenmadlhanghf",
"loigeafmbglngofpkkddgobapkkcaena",
"lpajppfbbiafpmbeompbinpigbemekcg",
"majekhlfhmeeplofdolkddbecmgjgplm",
"mapafdeimlgplbahigmhneiibemhgcnc",
"mcfeaailfhmpdphgnheboncfiikfkenn",
"mgkjakldpclhkfadefnoncnjkiaffpkp",
"mhinpnedhapjlbgnhcifjdkklbeefbpa",
"mihiainclhehjnklijgpokdpldjmjdap",
"mmkakbkmcnchdopphcbphjioggaanmim",
"mopkkgobjofbkkgemcidkndbglkcfhjj",
"mpifmhgignilkmeckejgamolchmgfdom",
"nabmpeienmkmicpjckkgihobgleppbkc",
"nahhmpbckpgdidfnmfkfgiflpjijilce",
"ncepfbpjhkahgdemgmjmcgbgnfdinnhk",
"npaklgbiblcbpokaiddpmmbknncnbljb",
"npdfkclmbnoklkdebjfodpendkepbjek",
"nplenkhhmalidgamfdejkblbaihndkcm",
"oalfdomffplbcimjikgaklfamodahpmi",
"odnakbaioopckimfnkllgijmkikhfhhf",
"oklejhdbgggnfaggiidiaokelehcfjdp",
"omgeapkgiddakeoklcapboapbamdgmhp",
"oonbcpdabjcggcklopgbdagbfnkhbgbe",
"opahibnipmkjincplepgjiiinbfmppmh",
"pamchlfnkebmjbfbknoclehcpfclbhpl",
"pcfapghfanllmbdfiipeiihpkojekckk",
"pchfjdkempbhcjdifpfphmgdmnmadgce",
"pdpcpceofkopegffcdnffeenbfdldock",
"pgahbiaijngfmbbijfgmchcnkipajgha",
"pidohlmjfgjbafgfleommlolmbjdcpal",
"pilplloabdedfmialnfchjomjmpjcoej",
"pklmnoldkkoholegljdkibjjhmegpjep",
"pknkncdfjlncijifekldbjmeaiakdbof",
"plmgefkiicjfchonlmnbabfebpnpckkk",
"pnciakodcdnehobpfcjcnnlcpmjlpkac",
"ponodoigcmkglddlljanchegmkgkhmgb",
];
document
.querySelector("extensions-manager")
.shadowRoot.querySelector("cr-view-manager extensions-item-list")
.shadowRoot.querySelectorAll("extensions-item")
.forEach((item) => {
const name = item.shadowRoot.querySelector("#name").innerText;
if (malicious.includes(item.id)) {
console.log("❌", item.id, name);
} else {
console.log("✅", item.id, name);
}
});
3.删除提示风险的插件 |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2020-6-23 00:04:55
置顶卡
喧嚣卡
变色卡
千斤顶
发表于 2020-6-23 08:14:41
