Bogus MS Authenticator in Chrome Store…

Just a quick heads-up to any Chrome users who downloaded the “Microsoft Authenticator” add-on for Chrome… It doesn’t come from Microsoft, it comes from the developer “Extension” and redirects to a site in Poland to try and get users to sign in to a phishing site. It also used high CPU, so possibly a crypto-miner as well.

Microsoft has never released a Chrome Add-on for their Authenticator, it is built into Edge, or is a stand-alone app on Android (and iOS?).

If you downloaded it, you might want to change all passwords stored in Authenticator and rescind and renew all OTP codes for the Authenticator app.

Google gave no comment, on how the add-on managed to get published in the store in the first place.

As with the Play Store, Apple’s App Store or downloading directly from the web, double and triple check the site / author of the application/app/add-on before installing. If the name doesn’t match up with the company behind the app/add-on, don’t install it, before double checking to ensure that it is legitimate – some companies have apps written for them by other companies, so there are legitimate times, where a web developer or software developer writes an app or add-on for another company and publishes it themselves.

For web software or sites in general, before I log on or download something, I always ensure the certificate is from a trusted source – although most AV packages these days perform a “man-in-the-middle” attack on all browsers, so you cannot verify the certificate is legitimate, because the certificates for every site are illegitimate!

Conversation 11 comments

  • madthinus

    Premium Member
    20 May, 2021 - 7:00 am

    <p>A reminder that the App stores is about money and not quality. </p>

  • Paul Thurrott

    Premium Member
    20 May, 2021 - 9:16 am

    <p>This has already been removed from the Chrome Web Store.</p>

    • wright_is

      Premium Member
      20 May, 2021 - 9:22 am

      <p>Yes, but anyone who had downloaded it and used it is still going to need to be informed and they will then need to reset all their passwords and OTPs.</p>

      • Truffles

        21 May, 2021 - 4:57 am

        <p>I’d have assumed that the computer decline to load a program that had had its key removed from the store. Or is that just an Apple thing? </p>

        • wright_is

          Premium Member
          21 May, 2021 - 7:09 am

          <p>It was downloaded by a lot of people, before Google was made aware of the problem. That means that a lot of people did download it and use it and would have logged themselves into the fishing site with their Microsoft credentials and would therefore have given the phisher complete access to their password store.</p><p><br></p><p>Once it was revoked, it should have failed to load again, not much help to someone who had already lost all their passwords…</p>

  • anoldamigauser

    Premium Member
    20 May, 2021 - 10:13 am

    <p>Isn’t the argument for having a single store to gatekeep apps that they will insure the quality and safety of the apps? I mean that is what they use the 30% vig for, right?</p>

    • wright_is

      Premium Member
      20 May, 2021 - 12:42 pm

      <p>They don’t have enough people checking, as much as possible if done through automation and AI, which is never as good as a real person doing the checks, something like a Microsoft app coming from a company named Extension is immediately obvious to a human, but not to a machine. </p>

    • jimchamplin

      Premium Member
      20 May, 2021 - 6:04 pm

      <p>The Chrome Web Store I don’t think is curated that much.</p>

    • Truffles

      21 May, 2021 - 5:04 am

      <p>Apple published these stats the other day (this should display as an image, cross fingers). The scale is pretty amazing, though I assume the vast majority is automated:</p><p><img src="; alt="Key stats of actions Apple took to prevent fraud on the App Store in 2020."></p>

      • lvthunder

        Premium Member
        21 May, 2021 - 2:47 pm

        <p>Yikes. Those are staggering numbers.</p>

    • lvthunder

      Premium Member
      21 May, 2021 - 2:50 pm

      <p>No one is perfect. App reviewers are people too. And people make mistakes.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2023 Thurrott LLC