Millions Impacted by Spyware from Malicious Google Chrome Extensions


Millions Impacted by Spyware from Malicious Google Chrome Extensions

Be Very Careful when you add an Extension to Chrome!Security researchers at Awake Security found 111 fake Google Chrome Extensions with over 32 million downloads from the Chrome store.  These extensions pretended to offer various services such as converting a file from one format to another but they connected to thousands of malicious domains and shared user’s sensitive information with third parties.

Google has automated scanners to prevent malicious extensions, but the crooks submitted fake contact information and they were designed to avoid the detection by Google’s automated review systems and user’s antivirus. The extensions could take screen shots of the user’s screens, access users’ clipboard and steal form input such as login ids.
The malicious extensions targets home users but when users accessed the internet from corporate networks, the extensions did not transmit information.

Google declined to disclose the extent of the spyware campaign when asked by Reuters or why it could not detect these malicious extensions. Although the malicious extensions targeted home users, they still pose a big risk to corporate users, many of whom are now working from home.

There have been previous attacks like this so try not to add ANY extensions to your browser if possible.

Read Full Article

Blog


How To Stop Common Scams and Get Quality IT Support
The COVID-19 pandemic has resulted in more time online and this is not lost on t...
5 Activities to Make Remote Meetings More Fun
by Christopher Littlefield, ForbesAfter months of working remotely, people are t...
Cyber Insurance for SMBs
Forrester and Hiscox collaborated to create the fourth annual Hiscox Cyber Readi...
Address

7 Lincoln Hwy 2nd floor
Edison, NJ 08820

Phone Number

(732) 549-6030

Copyright 2021 ASIS, LLC.