A number of Google Chrome extensions hiding spyware were created and curated by a criminal ring and have been downloaded in 32 million times…
Recently, security firm Awake Security, uncovered a slew of extension for the Chrome browser containing spyware. Google apparently didn’t detect the malware. As a result, the software plugins were installed more than 32 million times. Since the initial discovery and subsequent reporting, Google has removed the suspect extensions. However, that means people must still check and uninstall them.
Google Chrome Extension Spyware Discovered
The browser extensions in question were cleverly disguised as security tools to protect users from malicious sites. In reality though, the programs secretly siphoned of users’ data. What’s more, the extensions only did their dirty work when legitimate spyware and other actual security tools weren’t running, in order to avoid detection.
The attackers would use the stolen credentials to gain access to both personal and corporate information. The latter of the two is the most lucrative for hackers because of its potential to grab sensitive information, such as payroll records, corporate credit cards, and other important data.
Behind the scheme was a cyber criminal network of more than 15,000 domains. Almost all of them were purchased through an Israeli-based internet registrar called Galcomm. That company denies any knowledge or involvement in the matter. To see which extensions were involved in the criminal subterfuge, just click here.