EditThisCookie is a specialised extension for Google Chrome that you could be use to edit cookie knowledge saved by the browser. I discussed it again in 2015 right here on Ghacks.
The extension, with over 3 million customers and 11,000 rankings, has been faraway from the Chrome Internet Retailer. What Google has not eliminated is a copycat extension, first referred to as EditThisCookies and now EditThisCookie®, which is malicious.
Whenever you attempt to launch the Chrome Internet Retailer tackle of the official extension, you get the “This merchandise will not be obtainable” error message. The web page of the pretend extension continues to be up (not linked, as a result of it’s malicious).
Eric Parker, recognized for his malware investigations, analyzed the malicious extension in a YouTube video.
The extension had 30,000 customers on the time the video was revealed on YouTube. Immediately, it sits at greater than 50,000 customers.
Parker put in the extension on a take a look at system and found a number of anomalies. These embody:
- A pretend web site for the pretend extension.
- Obfuscated code.
- Info stealing code, particularly when on Fb.
- Phishing.
- Promoting code.
The researcher didn’t discover code to exfiltrate cookie knowledge, which implies that session cookies usually are not touched by the analyzed model of the extension.
With computerized extension updates enabled by default in Chrome, there’s a likelihood that extra spyware and adware or malware capabilities are added through updates.
Chrome and Chromium customers could wish to test the record of put in extensions to see if the pretend one is put in on their units.
Simply load chrome://extensions/ within the browser’s tackle bar to get a listing of all user-installed extensions. When you see EditThisCookies or EditThisCookie®, then you have got the pretend one put in. Take away it instantly in that case.
Another is Cookie Editor.
Good to know: our information on verifying Chrome extensions.
Closing Phrases
The destiny of the unique standard cookie modifying extension for Chrome is unclear at this stage.
A test on the official’s extension presence on GitHub means that it might have one thing to do with lacking Manifest V3 assist. The extension seems to have been unavailable since a minimum of July 2024.
Whereas it might make for an ideal headline, that Google eliminated the fallacious extension, it appears extra seemingly that the official extension was eliminated as a result of it doesn’t assist the brand new extensions ruleset for Chrome.
Google’s net retailer had and nonetheless has a large copyat extension drawback. Again in 2015 and 2017, I seen that the shop hosted quite a few “uBlock” extensions. All of them, aside from uBlock Origin, had been copycats.
Anticipate extra copycats of extensions that aren’t up to date from the outdated extensions manifest to the brand new within the close to future.
What’s your tackle this? Do you vet Chrome extensions earlier than set up?
Abstract
Article Title
Google Chrome: legit EditThisCookie extension eliminated as a substitute of malicious copycat
Description
EditThisCookie, an extension with over 3 million customers, is now not obtainable on the Chrome Internet Retailer. Its pretend copycat is, nonetheless. Here’s what occurred.
Writer
Martin Brinkmann
Writer
Ghacks Expertise Information
Emblem
Commercial
