Browser extensions have access to everything you do online, including your passwords and web history. They’re a privacy nightmare, but Google is having trouble keeping its massive library of browser extensions in check. According to a report by Reuters, Google just discovered a massive spyware campaign that affected 32 million people through Chrome extensions and add-ons.
After an extensive investigation, Awake Security discovered over 70 malicious add-ons in the Chrome Web Store. The add-ons were registered under fake names and advertised themselves as safe browsing tools or anti-virus software. Google has already removed the add-ons from its Web Store, but hasn’t announced the names of the extensions in question.
How could this happen under Google’s nose? According to Awake Security, the malicious extensions used cheap tricks to hide from anti-virus and security software. They utilized a pool of over 15,000 web domains to transfer information and appread legitimacy by providing some useful service.
All of the domains were linked to one another and purchased from Galcomm, a small registrar in Israel. In a statement to Reuters, Awake Security said that Galcomm should’ve known what was happening. For what its worth, Galcomm denies any involvement.
Not all Chrome extensions are bad. But it’s helpful to vet an add-on before you install it to your browser. Bear in mind that browser extensions are regularly bought and sold, and may end up in the hands of creeps. Also, anyone can add malicious code to an extension through quick updates. Maybe you should stick to only the most popular add-ons, and discard any translator or dictionary tools that could be replaced by a website.
Source: Google via Reuters