Advertisement

More than 100 Google Chrome extensions impacted by spy campaign, report says

A cybersecurity firm reported Thursday that 111 malicious or fake Chrome extensions were used in a global surveillance campaign capable of taking screenshots and mining users' passwords and other data. File Photo by Stephen Shaver/UPI
A cybersecurity firm reported Thursday that 111 malicious or fake Chrome extensions were used in a global surveillance campaign capable of taking screenshots and mining users' passwords and other data. File Photo by Stephen Shaver/UPI | License Photo

June 18 (UPI) -- More than 100 Google Chrome extensions downloaded more than 32 million times were used in a global surveillance campaign, according to a report by a cybersecurity firm on Thursday.

Awake Security reported that at least 111 malicious or fake Chrome extensions using domains related to CommuniGal Communication Ltd., or GalComm, were able to bypass security and spy on users by taking screenshots, harvesting login credentials and tracking password inputs.

Advertisement

"By exploiting the trust placed in it as a domain registrar, Galcomm has enabled malicious activity that has been found across more than a hundred networks we've examined," the report stated.

Extensions allow users to add new capabilities to their browser and are typically downloaded from the Chrome Web Store. Awake found that extensions live on the store as of May were downloaded at least 32,962,951.

"The actors behind these activities have established a persistent foothold in almost every network," the firm said.

Google confirmed to CNN that all of the browser extensions identified by Awake have been removed.

"We appreciate the work of the research community and when we are alerted of extensions ... that violate our policies, we take action and use those incidents as training material to improve our automated and manual anlyses," Google representative Scott Westover said.

Advertisement

Latest Headlines