In brief
- Over 100 Google Chrome extensions were stealing sensitive data from their users.
- They took screenshots, logged keystrokes, stole information from the clipboard and stole credentials.
- Malicious browser extensions are not new, and many have been used to steal cryptocurrency data.
Over 100 Google Chrome extensions, downloaded almost 33 million times, were stealing sensitive data from their users, according to cyber security researchers from Awake Security.
The 111 browser extensions, which Google has since removed from the Chrome Web Store, stole corporate data and other sensitive information. They took screenshots, logged keystrokes, stole information from the clipboard (that had been cut or copied by users) and stole credentials.
“The research shows that this criminal activity is being abetted by a single Internet Domain Registrar: CommuniGal Communication Ltd. (GalComm),” wrote Awake in a blog post.
Malicious browser extensions have been downloaded 32,962,951 times, “and this only accounts for the extensions that were live in the Chrome Web Store as of May 2020,” the report noted.
The browser extensions did simple things, like convert files to and from PDFs; to switch between Bing, Google and Yahoo when opening a new tab; or to access emails by clicking the extension.
After analyzing over 100 corporate networks across a plethora of industry, the researchers discovered that the criminals have “established a persistent foothold in almost every network.”
Malicious Chrome apps are nothing new, and many have been used to steal cryptocurrency data.
New Google Chrome extension gives access to 'uncensorable' websites
First it built blockchain domain names, then its own browser—and now Unstoppable Domains wants to make it even easier to access the decentralized web. The Tim Draper-backed firm announced Wednesday the launch of a Google Chrome extension that allows users to browse “uncensorable” websites built on the Ethereum blockchain. “Decentralized websites are important because they provide censorship-resistance” Unstoppable Domains Co-Founder Brad Kam told Decrypt. This “is completely different than a tra...
The host of the “Protocol Podcast,” Eric Savics, earlier this month lost his life savings of 12 Bitcoin, worth $113,000 at the time, when he downloaded a malicious version of the Keep Key Bitcoin client on his desktop from the Google Chrome store. When Savics entered his recovery phrase, the extension nabbed it and drained his wallet.
Is it time to start putting a warning on all Chrome extension apps?
