Google has removed malicious extensions with 32 million downloads

Η Google αφαίρεσε δεκάδες επεκτάσεις από το Chrome Web Store όταν μια εταιρεία ασφαλείας ανακάλυψε ότι χρησιμοποιούν κακόβουλες πρακτικές, για την κατασκοπεία των χρηστών και data.

The security company Awake he argues that he encountered a total of 111 malicious or of Chrome that were able to take screenshots, read the clipboard, collect credentials and track keystrokes.

Awake reports that this is one of the largest malicious campaigns targeting of Chrome and its impact is probably very large, as all these extensions had 32 million downloads.

"To date, there have been at least 32.962.951 downloads of these malicious extensions, and this only applies to extensions that have been available in the Chrome Web Store since May 2020."

We do not yet know who was behind this big campaign and how many users were affected, but the attackers appear to have used domains purchased from an Israeli-based company.

“Of the 26.079 domains registered through GalComm, 15.160 or nearly 60% are malicious or suspicious: they host various traditional malware programs and tools s used in browsers. Using various evasion techniques, these domains avoided being labeled as malicious by most security solutions and thus allowed this campaign to go unnoticed,” reports Awake.

Google has already removed these extensions and the security company has released one full list with the IDs of the add-ons.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).