Malware spreading through Google Chrome Extensions
Today I noticed a facebook-friend added a lot of links to a bit.ly URL, while tagging alot of her friends (including me) in the post. I did some investigation on the links and found them to follow a PHP file on a webserver running on an IP address 87.98.175.xx. The html on the site, was a redirect to another domain, which tries to trick the user into installing a chrome extension named "Unlimited Watching" which actively spreads itself via your facebook contacts.Removal Instructions To remove the extension, browse to your local extensions folder:
and remove the folder which should be named either "mlnbmbaijkebfahbjllddofbdahmknae" or "Unlimited Watching". After doing so, start up Chrome again.