Η Google removed 106 malicious Chrome extensions due to hidden Sensitive collection data users.
The 106 extensions are part of a set of 111 extensions that were recognized as malicious, in one report published yesterday by the company security Awake Security.
According to Awake, the extensions are presented as tools which improve internet searches, convert files to various formats, scan for viruses and more.
In reality, however, the Chrome extensions contained code that allowed them to bypass the security scans of Google's Chrome Web Store, to pull screenshots, yes read their clipboard users, yes collect cookies or yes monitor user typing.
Awake believes that all the extensions were created by him hacker (ή hacking group), but research is being done to confirm this information.
The common denominator in all Chrome extensions was Mission data user in domains registered through the GalComm domain registrar.
In addition, many extensions share them same graphics and code base, with minor changes. In some cases, the extensions had him as well same issue number And the same descriptions.
Awake says that by May 2020, when it contacted Google, the 111 malicious extensions had been installed 32.962.951 times.
According to Awake, some of these Chrome extensions have been found in networks "Financial services, oil and gas companies, media and entertainment companies, healthcare and pharmaceutical services, technology companies, higher education institutions and government agencies". It is said that the extensions worked as backdoors and tools espionage, although there is no evidence to support this.
Only 5 of Awake's 111 extensions reported to Google are still live on the Chrome Web Store.
As always in such cases, Google has disabled extensions from users' browsers. Extensions are still installed, but have been disabled and marked as "malware" in the Chrome Extensions section browser.
The users can visit the page chrome: // extensions to see if they have installed any of the malicious extensions.
Greek
Chinese (Simplified)
English
Greek
Russian