Comments
A new cyberthreat has emerged in the form of a massive spyware campaign that targeted users through Google Chrome extensions downloaded more than 32 million times, as per reports.
According to a report by cybersecurity firm Awake Security, over a hundred malicious Google Chrome extensions were used to spy on Google Chrome’s users in a massive global surveillance campaign.
“The Awake Security Threat Research Team has uncovered a massive global surveillance campaign exploiting the nature of Internet domain registration and browser capabilities to spy on and steal data from users across multiple geographies and industry segments,” the cybersecurity firm said in its report.
The firm found at least 111 "malicious or fake" Chrome extensions in its study.
These extensions are capable of spying on users by taking screenshots, reading a user’s clipboard, harvesting credential tokens stored in cookies or parameters and even get user passwords by grabbing user keystrokes.
The extensions were from domains that were registered under a known internet registrar GalComm.
“In the past three months alone, we have harvested 111 malicious or fake Chrome extensions using GalComm domains for attacker command and control infrastructure and/or as loader pages for the extensions,” the firm said.
“Of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, are malicious or suspicious,” it said.
The firm has recorded at least 32,962,951 downloads of these malicious extensions till date many of which had been available in Chrome’s web store.
Google’s parent company Alphabet Inc has said that it has removed over 70 of these malicious add-ons from its official Chrome Web Store after the firm had alerted them of the same, Reuters reported.
“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” said a Google spokesman as quoted by the report.
GalComm had denied any wrongdoing, it said.
“GalComm is not involved, and not in complicity with any malicious activity whatsoever,” the company said as quoted by the report.
“You can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can,” it said.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.