MALWARE ALERT: “One Class” Chrome Extension

We have received the following information regarding an extension for the Google Chrome browser. This issue is a browser issue, not a Canvas issue. However, it does affect learning management systems like Canvas.

Please see below:

The “OneClass” Chrome extension behaves like malware. It can affect users of several learning management systems, including Canvas; however, OneClass is not affiliated with Instructure (Canvas) in any way.

When a user installs the OneClass Chrome extension, the plugin asks for permission to “read and change all your data on websites you visit.” If a user grants this permission, the plugin places a button in the user’s LMS (Canvas or other) labeled “Invite your classmates to OneClass.” If the user clicks this button, OneClass sends messages to all of the other users enrolled in the course vis the LMS message system (for Canvas, that’s Conversations). Each message says:

Hey guys, I just found some really helpful notes for the upcoming exams for [school name] courses at I highly recommend signing up for an account now. That way, your first download is free!

We strongly recommend that you NOT install or use the OneClass Chrome extension or that you remove the plugin if you have already installed it. The “invite your classmates” message acts as a phishing attempt, and the permission that the extension prompts users to grant could result in their information being stolen.