With more and more people reaching the web through Google Chrome, hackers and spammers have started targeting Google Chrome too. Â Google Chrome have been proved as the most secure browser. Now, they are trying to hack you through extension system, or faking itself as a extension.
Malwarecity.com reports a new trojan that fakes itself as a Google Chrome extension. “The story is simple: Google Chrome users receive an unsolicited e-mail which announces that a new extension of their favorite browser has been developed to facilitate their access to documents from e-mails”. they wrote.
How to Identify
If you have noticed, Google Chrome extensions are always .crx files. And this trojan, is a .exe file. So,be careful with  anything that calls itself a chrome extension and is not .crx file.
What It Does
It modifies the Windows HOSTS file in an attempt to block access to Google and Yahoo webpages. Every time users want to access them and write “google.[xxx]†or “[xx].search.yahoo.com†in the web browser, they will be redirected to another IP: 89.149.xxx.xxx . This allows the malware creators to intercept the victims’ calls to reach the respective sites.
The Ultimate Solution
It’s simple ! Install extensions only from Google’s Official Extensions gallery.
If it’s not an extension and doesn’t have .crx extension, why do you refer to it as an extension. It is misleading.
the email will say it is an extension. You will download the file from a page that looks like the normal extensions gallery.
this is enough for a normal user to think that its an extension. they may not check the file extension like geeks
hmm… makes sense