- Navigator extensions can be silent threats, silently reaping their data without obvious signs
- Extensionpedia could become the reference source for the investigation of browser accessories before installation
- Layerx exposes a serious security gap that even the main application stores are overlooked consistently
Navigator extensions often facilitate navigation when blocking advertisements, self -control or providing productivity tools, but also represent one of the most passed safety risks over high in the current digital ecosystem.
To address this, the Layerx cybersecurity company has launched EXTENSIONEDIAA kind of “Wikipedia for extensions”, aimed at providing in -depth risk assessments for more than 200,000 browser extensions in Chrome, Firefox and Edge.
Internet users usually trust application stores to examine these extensions and make sure they are safe. However, Layerx states that these stores “only do a superficial job when examining extensions.” Although they explore malware and obvious red flags, they do not investigate behavior patterns or the lineage of the extension code.
“When someone installs an extension of the browser, either for personal or work use, users and their organizations have no idea what permits the extension has, how reactable it is the author or the general risk profile of the extension,” said or Eshed, co -founder and CEO of Layerx.
This has created an escape through which malicious actors have repeatedly introduced Spyware, Adware and data collection tools.
In recent months, identity theft based on the browser and the exfiltration of data through extensions have become so frequent that they have caused official warnings of agencies such as the FBI.
“While browser extensions are often considered harmless, in practice they are granted broad access permits to information and user identity data,” says Layerx, “the computer pirates that lead them to use as an attack channel for the theft of credentials, the acquisition of the account and theft of data.”
Layerx says that its service extracts anonymous data from millions of browser sessions through its database, which includes unified risk scores, granular permissions and detailed reputation analysis, all in a single public search tool.
While antivirus and end point protection platforms can help protect themselves against malicious extensions, the availability of a dedicated risk score could train users to make more informed decisions.
However, users should actively seek the extension database and understand the importance of the permission areas or the editor’s risk scores.
The concept is promising, but skepticism continues to exceed if users will really understand the scores or simply discard them as technical jargon. In addition, the effectiveness of said database to address the broader cybersecurity threats remains to be seen.
The concept also assumes that users will investigate extensions before installing them, something that rarely happens in practice.
By making public the extension risk scores, Layerx increases transparency, but visibility alone does not equals protection.
Extensionpedia is currently available for free, but its real impact will depend on how widely and carefully used.
