Threat Database Potentially Unwanted Programs Tower Blocks Chrome Extension

Tower Blocks Chrome Extension

The Tower Blocks Chrome Extension is described as a fun building blocks game that can be installed on Google Chrome and Chromium-based browsers. The Tower Blocks Chrome Extension is said to provide a pixel-art experience and launch a Tetris-like game in a new tab in your Web browser. The Tower Blocks Chrome Extension was reported of downloading data from untrusted locations and connecting questionable IP addresses. An investigation into the origins of the Tower Blocks Chrome Extension revealed troubling facts. The app appears to share many code lines with the Memory Game Chrome Extension that we reported on April 4th, 2018. Both applications may be used to load insecure content in your browser and expose you to phishing pages, fake user reviews and invitations to install riskware.

The Tower Blocks Chrome Extension is designed to communicate with the 5.187.2.107 and 5.189.187.34 IP addresses and download resources over insecure connections. Both IP addresses are associated with phishing pages and threat sources. When users install the Tower Blocks Chrome Extension, they are asked to grant it the right to read and change all data exchanged online. The creators of the Tower Blocks Chrome Extension may abuse this privilege and enable the extension to load bad code in the browser and potentially record the user logins and input on non-HTTPS pages. We found that the Tower Blocks Chrome Extension has four clones on the Google Chrome Web Store, which include the following:

  • 'Tower Blocks' Chrome Extension by 13updatech150218fe[.]ru published on Chrome.google[.]com/webstore/detail/tower-blocks/fiaddlecedlffmgbffpaglgkhaplhmcc and installed by 1,711 users.
  • 'Tower Blocks' Chrome Extension by 29up1802vd[.]xyz published on Chrome.google[.]com/webstore/detail/tower-blocks/ofcpgneakmigbpocaopjgjbjfjddoicb and installed by 4,178 users.
  • 'Tower Blocks' Chrome Extension by 55inechs[.]xyz published on Chrome.google[.]com/webstore/detail/tower-blocks/jlpoocknaaegkampkpafkkfghfjdmjna and installed by 12,710 users.
  • 'Tower Blocks' Chrome Extension by Easyfps[.]info published on Chrome.google[.]com/webstore/detail/tower-blocks/dddpckplncklfbgaljojknnjolknpdbo and installed by 4,146 users.

All instances of the Tower Blocks Chrome Extension appear to load offline resources in the browser and invite users to play a Tetris-like mini-game. The Tower Blocks Chrome Extension does not appear to include a channel for updates to the game. The extension is observed to generate background pages that are listed in the Omnibox as:

'Tower Blocks | chrome-extension://dddpckplncklfbgaljojknnjolknpdbo/background.html'
'Tower Blocks | chrome-extension://fiaddlecedlffmgbffpaglgkhaplhmcc/background.html'
'Tower Blocks | chrome-extension://jlpoocknaaegkampkpafkkfghfjdmjna/background.html'
'Tower Blocks | chrome-extension://ofcpgneakmigbpocaopjgjbjfjddoicb/background.html'

The Tower Blocks Chrome Extension is categorized as a Potentially Unwanted Program (PUP) that may be used to present users with misleading messages, unfavorable subscription plans, shady programs and fake user reviews on online stores. It is recommended to reconsider using the Tower Blocks Chrome Extension. The Tower Blocks Chrome Extension may drop its files to C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\[extension id] and keep persistent tracking Web beacons in the Temp directory. You can remove the Tower Blocks Chrome Extension and associated clones with the help of a trusted anti-malware scanner safely.

Trending

Most Viewed

Loading...