A spyware may have attacked Google Chrome users and this may have happened through 32 million extension downloads. According to a report by Reuters, Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.
Most extensions are free and so sometimes many unsuspecting users may not know that their details like browsing history are being siphoned by some of the malicious extensions to unknown sources. Just think about the number of people who use Google Chrome which is by far the world’s most used and installed browser. There are now about 5 billon Chrome installs on mobile devices and then there is the huge number of users who share their personal info on Chrome from passwords to personal data like banking details and browsing history which is seldom cleared by many users.
Google now says it is aware of the situation and has now removed over 70 extensions from the Chrome Web Store. A Google spokesperson told Reuters that “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses.”
The security researchers are saying that it is difficult to identify the players behind the spyware as the developers may have submitted the extensions using fake contact information. The other interesting thing about these malicious extensions is that they were designed to avoid detection by your average antivirus software. As Reuters explains, “If someone used the browser to surf the web on a home computer, it would connect to a series of websites and transmit information, the researchers found. Anyone using a corporate network, which would include security services, would not transmit the sensitive information or even reach the malicious versions of the websites.”
While the identities of these developers remain unknown, the domains they used are about 15,000 which linked with each other. These domains according to Awake Security researchers were bought from an Israeli registrar Galcomm, known formally as CommuniGal Communication Ltd. That said, Galcomm has been absolved of any involvement but as the report notes, they should have at least known what was going on. Galcomm owner Moshe Fogel told Reuters that his company had no knowledge of this in any way. “Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” you can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can.”
Google Chrome extensions security have been an issue for a long time and while Google has taken steps to stem the tide in the past years, the problem persists. Sometimes it comes down to the user taking personal responsibility.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
