Researchers from security firm ICEBRG found malicious extensions in the Google Chrome Web Store with more than 500,000 overall downloads. Firstly they discovered that “HTTP Request Header” extension were using for a click-fraud scam when they noticed unusual spike in outgoing network traffic. The extension visited advertising-related links in the Web from the infected machines to generate revenue from per-click rewards. Later they investigated another three Chrome extensions that did the same: Nyoogle, Stickies, and Lite Bookmarks.
Also ICEBRG reported in their blog post that the extensions could be used to access business networks and user information. Google already removed the extensions from the Chrome Web Store, but this may not removed it from all impacted hosts and malicious extensions can be added through a third-party Chrome extension repositories that may allow the installation of the extensions.
Google Chrome known as one of the most secure browsers and all extensions goes through automated checks of the code and behavior before publication. But sometimes the malicious extensions slip through that checks and became available in the Chrome Web Store.