Google Chrome may have this major security flaw
Malicious extensions continue to pose serious risks to Google Chrome security
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A new spyware campaign has been discovered which used maliciousGoogle Chrome extensionsdownloaded to steal user data and credentials online.
As reported byReuters, researchers at Awake Security alertedGoogleto the presence of more than 70 malicious add-ons on the officialChrome Web Storethat have now been removed.
The majority of the free extensions in question, which has been downloaded around 32 million times, either warned users about suspicious websites or were used to convert files from one format to another. However, the extensions actually siphoned off users' browsing history and other data that provided scammers with their credentials.
According to Gary Golomb, Awake Security co-founder and chief scientist, this was one of the most far-reaching campaigns in the Chrome Web Store to date.
Malicious extensions
The extensions used in the campaign were designed to avoid detection byantivirus softwareand other security software which evaluates the reputations of domains on the web. It is also unclear as to who designed the extensions as the developers supplied fake contact information to Google when they submitted them.
If a user downloaded one of the malicious extensions and then used Google Chrome on their home computer, they would connect to a series of websites and transmit information. However, users browsing on a corporate network would not transmit any sensitive information or even reach the attacker’s websites. The 15,000 domains used in the campaign were all purchased from a small Israelidomain registrarcalled Galcomm.
Security researcher from Tripwire’s vulnerability and exposure research team (VERT), Craig Young provided further insight on how extensions can undermine Chrome’s security, saying:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“The proliferation ofbrowserextensions as conduits for all manner of online activity has been absolutely terrible for security. Chrome generally does well at resisting compromise from sophisticated exploits but extensions can undermine this security completely. When installing an extension, users must approve a permissions manifest defining what the extension can access but it’s likely that the majority of users are not reading or understanding the permission list.”
While extensions can certainly be useful, users should be wary about installing ones from unknown developers to avoid falling victim to potential scams online.
ViaReuters
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)
