Researchers at Awake Security have discovered a new spyware effort, which has attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, according to Reuters. This highlights the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date. Alphabet Inc’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
