Browser Plugin Alert: OneClass Extension Behaves Like Malware

OneClassAt OIT we always recommend that you be careful when installing extensions and plugins for your web browser. This morning we received a warning from our friends at Canvas to let us know about a new Chrome extension, OneClass, that behaves suspiciously. Here’s what they had to say:

The “OneClass” Chrome extension behaves like malware. It can affect users of several LMSs, including Canvas. OneClass is not affiliated with Instructure [Canvas] in any way.

When a user installs the OneClass Chrome extension, it asks for permission to “read and change all your data on websites you visit.” If a user grants this permission, the plugin places a button in the user’s LMS (Canvas or other) labeled “Invite your classmates to OneClass.” If the user clicks this button, OneClass sends messages to all of the other users enrolled in the course via the LMS’s messaging system (for Canvas, that’s Conversations).

Instructure, the parent company of Canvas, recommends that you do not install this OneClass plugin. If you ever see something suspicious in your web browser or have a question regarding browser add-ons, let the IT Help Desk know at help@smu.edu or 214-768-4357.

Published by

Zach Peterson

BF-ITS(UserServ)