Spyware Found In Google Chrome Extensions

Valentine Muhamba Avatar

In a report by Tech Radar, there is a new spyware initiative affecting extensions on the Chrome Web Store.

Awake Security discovered more than 70 malicious extensions on the Web Store and alerted Google of them. The add-ons were downloaded 32 million times. The extensions were those that would warn the user of suspicious websites or convert files into different formats.

These extensions were doing more than what they advertised. They were funnelling sensitive data from the users. The same report says that the actors behind this were able to get users’ browsing history and credentials.

The extensions were able to avoid detection by antivirus software and other security measures used to gauge domains on the internet. The spyware mostly affected users using their personal devices. Sensitive user data wouldn’t usually be logged into corporate computers or if sensitive information was entered through a company device it wouldn’t reach the attacker’s website.

The 15 000 domains that were used, were purchased from a small Israeli domain registrar called Galcomm. The people who were behind this couldn’t be located because they submitted false information.

All the extensions were removed by Google.

In a report last week, Google Play Store apps were said to have had malware. This is another warning that we need to be more careful what we let on to our devices. It also means we need to take precautions even if we are browsing on our home or work internet. VPNs in this case are the best measure to protect ourselves from those who may try to syphon our personal information.

2 comments

  1. tinm@n

    Strange that, you TechZim want to suddenly get wise and warn people about being careful about installing apps, yet you endorse a “hack version” of WhatsApp

  2. snoozeunwitting

    I have also encountered this problem. I feel very bothered by them. connections puzzle

Join Waitlist We will inform you when the product arrives in stock. Please leave your valid email address below.