They find more than 100 malicious extensions, with almost 33 million downloads that have collected private data
Azteca News –
United States.- A recently discovered spyware campaign attacked Chrome users, through 32 million downloads of market-leading Google browser extensions, Awake Security researchers told ..
What happened shows the failure of the technology industry in seeking to protect the security of browsers that are increasingly used to check email, payroll and other sensitive information.
Google, which belongs to the Alphabet Inc group, said it removed more than 70 of the malicious plugins from its official Chrome web store, after being alerted by investigators last month.
« When we are alerted to extensions in the web store that violate our policies, we take action and use those incidents as training material to improve our automated analytics and our manuals, » Google spokesman Scott Westover told ..
Most of the free extensions were meant to warn users about questionable websites or convert files from one format to another. But instead, they diverted browsing history and credential-providing data for access to internal business tools.
Considering the number of downloads, it was the most powerful malicious campaign the Chrome store has had to date, according to Awake co-founder and chief investigator Gary Golomb.
Google declined to discuss the latter’s comparisons. « spyware« With previous campaigns, the extent of the damage or why it didn’t detect or remove malicious extensions on its own, despite past promises to monitor plug-ins more closely.
It is unclear who is behind the campaign to distribute this malicious software. Awake said the developers provided false contact information when they submitted the extensions to Google.
« Anything that takes you to someone’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime, » said former National Security Agency engineer Ben Johnson, founded by the security companies Carbon Black and Obsidian Security.
The extensions were designed to avoid detection by antivirus or security software companies, which assess the reputation of web domains, Golomb said.