Fake Microsoft Authenticator extension spotted in the Chrome Web Store

Fake Microsoft Authenticator “Extension” was discovered recently.

 

The malicious extension directed users to a Polish website that fooled them into creating an account in order to steal their personal information.

 

Browser extensions are common among users of the most commonly used browsers – Google Chrome, Mozilla Firefox, Microsoft Edge, Vivaldi, Opera – and provide a range of functions beyond the advertised features of a web browser.

 

Although you don’t see malicious browser extensions on these browsers every day, malware does occasionally find its way into their web/app stores.

 

According to Neowin, the official source of extensions for Google’s Chrome browser, the Chrome Web Store, had a fake “Microsoft Authenticator” extension for weeks before it was eventually removed.

 

Also read: Beware: Ficker-info stealing malware is pretending to be Microsoft Store

 

 

 

According to the report, the extension’s developer name was “Extensions” rather than Microsoft, which obviously did not trigger Google’s safety measures.

 

 

Chrome malware,chrome extension malware,chrome extensions,chrome store malware,malicious chrome extension,malicious browser extension,browser extensions,chrome phishing extension,chrome phishing, microsoft authenticator chrome extension,microsoft authenticator windows 10, gauth authenticator, google authenticator firefox, microsoft autofill android, microsoft authenticator edge, microsoft authenticator add on chrome, microsoft password manager chrome, microsoft autofill extension, microsoft authenticator windows 10, gauth authenticator, google authenticator firefox, microsoft autofill android, microsoft authenticator edge, microsoft authenticator add on chrome, cyber crime, cyber news, Cyber Security, cyber security news, cyber security news today, cyber security updates, cyber updates, cyberattacks, cybersecurity news, data breach, Data leak, Fraud, hacker news, hacking news, information security, network security, ransomware, ransomware malware, reset password, software vulnerability, Microsoft, android, google, fake microsoft authenticator app, fake microsoft authenticator app for google chrome, fake microsoft authenticator chrome extension,  
Source: gHacks

 

 

Microsoft Authenticator, like Twilio’s Authy and Google Authenticator, is a multi-factor authentication tool that can be used on mobile devices to generate security codes after users enter their passwords when signing in to their favorite websites.

 

The service is compatible with both Android and Apple’s iOS operating systems, but unlike Authy, it does not have an official browser extension.

 

What’s more alarming is that gHacks discovered the malicious extension masquerading as the official Microsoft Authenticator app on the Chrome Web Store just last month.

 

Despite the fact that it was discovered on April 23, it seems that Google did not delete the download until hundreds of people had downloaded it.

 

 

You might also like: Microsoft Edge blocks Firefox installer: Report

 

 

 

According to the report, the extension directed users to a Polish website that persuaded them to create an account in order to harvest their personal information.

 

According to the Register, Microsoft has never launched an extension for its Authenticator application for Google Chrome or any other browser.

 

Users who want to use the Authenticator service can download the app from the respective app stores for their Android and iOS devices.

 

,