A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.

The discovery of these malicious Chrome browser extensions underscore the need for users to exercise caution when downloading and installing extensions. Users should stick to using only extensions provided by reputable firms that have a past record of respecting the privacy of users.
That said, this also underscores the laxity Google has shown in both its Chrome Web Store and its Google Play Android app store to allow spyware, malware and other malicious apps and extensions to slip through its review, measures that are designed to prevent incidents such as this.