Dangerous downloads: What looks like a harmless converter can steal your data

It sounds like a nightmare for the digital world: the FBI is sounding the alarm because a serious security vulnerability in the Google Chrome browser is currently putting billions of users worldwide at risk. Not only individual programs or dubious websites are affected - but an entire sector of applications that many of us use every day: File converters and browser extensions.

Specifically, the investigators warn against fake websites that pretend to offer harmless functions such as converting MP3s or videos. In reality, they hide malicious codes that allow criminals to gain access to sensitive data - including passwords, bank details and even identity information.

Deceptively real: how hackers trick users

The scam is perfidious, but unfortunately successful: cyber criminals create websites whose URLs look confusingly similar to legitimate providers. Anyone who wants to quickly convert a song or download a video falls into the trap. Instead of a tool, however, malware ends up on the computer - often without the user noticing.

According to the FBI, many of those affected only realize weeks later that their device has been compromised - when money suddenly disappears from their account or logins no longer work. Users who use extensions such as Blipshot or certain adblockers for Chrome are also particularly affected. These are considered compromised and should be deleted manually immediately.

FBI recommendations: How to protect yourself now

The FBI has published specific recommendations on how users can protect themselves now:

• Do not download any file converters or downloaders from unknown sources. Pay attention to the URL - even small deviations can be a warning signal.
• Update your virus protection programs regularly - and carry out security scans.
• Only use official browser extensions from the Chrome Web Store - and check their permissions.
• Manually delete compromised extensions if you use them - especially Blipshot and untrusted adblockers.
• In the event of suspicion, contact your bank immediately and have cards or access blocked.
• Get professional support in an emergency if you suspect malware on your device.

Prominent victim: cyberattack on media company

A recent case from the USA shows just how serious the situation is: the media company Lee Enterprises, which operates over 70 newspapers, was apparently attacked via an infected extension. The consequences: a large-scale attack on IT systems and a mandatory report to the US Securities and Exchange Commission (SEC).