A massive security breach reported, related to Google Chrome extensions downloaded more than 32 million times. The spying campaign was reportedly used to investigate the Google Chrome user’s data for a surveillance campaign as per the report.
Google Chrome Extensions Under Massive Spying Attack
The Cybersecurity Firm Awake Security presented a report in which around 111 fake or malicious extensions for the browser were used to peep in Users’ activity through the browser. As the users typed passwords or added login credentials in a form, these were captured in the screenshots through the extensions. The report noted that the campaign had affected a lot of sectors, including healthcare, federal agencies, and financial institutions, for capturing invaluable information.
Chrome Extensions Often Attacked by Hackers
The Chrome extensions allow the users to add additional features and capabilities to their browsers so that they can carry out intended tasks as per their needs. There are millions of extensions available for the users that can help users to suspicious flag websites etc. However, the hackers and malicious entities can often create fancy and carful looking extensions which can steal information and hack a person’s computer.
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
Awake Security Reported the Spying Campaign
The report at the Awake Security detailed that the malicious campaign may have harmed a large scale of computers and accounts across domains.
The Researchers said that “The actors behind these activities have established a persistent foothold in almost every network.”
Google spoke about a malicious campaign
“We appreciate the work of the research community, and when we are alerted of extensions … that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesperson Scott Westover told CNN.
Regular Sweeps on Suspected Extensions
“We do regular sweeps to find extensions using similar techniques, code, and behaviors, and take down those extensions if they violate our policies.”
Spying Campaign Related to Israel Hosting Company Galcomm
Awake also said that the spying campaign was related to Galcomm, which is a Web Hosting Company based in Israel and manages more than 250 Thousand domains. Awake Researchers noted that “By exploiting the trust placed in it as a domain registrar, Galcomm has enabled malicious activity that has been found across more than a hundred networks we’ve examined,”
Galcomm did not provide any statement on the same yet.