Google removes Chrome extensions for collecting sensitive user data2020-06-18 18:24 by Daniela
Tags: Google Chrome
Researchers at Awake Security have discovered a far-reaching malicious add-on on Google's Chrome web browser. The spyware, according to the research company, comes as free extensions to the Chrome web browser and has had over 32 million downloads.
Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake co-founder and chief scientist Gary Golomb.
If a user downloaded one of the malicious extensions and then used Google Chrome on their home computer, they would connect to a series of websites and transmit information. However, users browsing on a corporate network would not transmit any sensitive information or even reach the attacker's websites. The 15,000 domains used in the campaign were all purchased from a small Israeli domain registrar called Galcomm.
Google removed 106 out of 111 Chrome extensions that have been identified as malicious.
"When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses," Google spokesperson Scott Westover told Reuters.
Read more -here-