June 18 (UPI) — More than 100 Google Chrome extensions downloaded more than 32 million times were used in a global surveillance campaign, according to a report by a cybersecurity firm on Thursday.
Awake Security reported that at least 111 malicious or fake Chrome extensions using domains related to CommuniGal Communication Ltd., or GalComm, were able to bypass security and spy on users by taking screenshots, harvesting login credentials and tracking password inputs.
“By exploiting the trust placed in it as a domain registrar, Galcomm has enabled malicious activity that has been found across more than a hundred networks we’ve examined,” the report stated.
Extensions allow users to add new capabilities to their browser and are typically downloaded from the Chrome Web Store. Awake found that extensions live on the store as of May were downloaded at least 32,962,951.
“The actors behind these activities have established a persistent foothold in almost every network,” the firm said.
Google confirmed to CNN that all of the browser extensions identified by Awake have been removed.
“We appreciate the work of the research community and when we are alerted of extensions … that violate our policies, we take action and use those incidents as training material to improve our automated and manual anlyses,” Google representative Scott Westover said.
COMMENTS
Please let us know if you're having issues with commenting.