Chrome Web Store Announces Temporary Shutdown After Wave Of Fraudulent Transactions – Experts Reaction

In response to reports that the Chrome Web Store has experienced a wave of fraudulent transactions prompting a temporary suspension or updating of any commercial Chrome extensions on the official Chrome Web Store, security experts commented below.

Experts Comments

January 28, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
Browser extensions are like a third-party plugin, not created by the original manufacturer, but designed to enhance the functionality of the user's experience. While it's unknown what is happening at Google and its actions, it must be a serious issue. Speculation from my experience would be one of fraud, where the criminals have infiltrated the Chrome store and inserted malicious code to steal personal identifiable information (PII), along with credit card information. Organizations need to be .....Read More
Browser extensions are like a third-party plugin, not created by the original manufacturer, but designed to enhance the functionality of the user's experience. While it's unknown what is happening at Google and its actions, it must be a serious issue. Speculation from my experience would be one of fraud, where the criminals have infiltrated the Chrome store and inserted malicious code to steal personal identifiable information (PII), along with credit card information. Organizations need to be aware of browser extensions used within their environments because like any other product within their supply chain, they need to be fully aware of any risks or vulnerabilities that the product delivers. Vendor companies like Chrome or Microsoft will deliver updates on a regular basis to address vulnerabilities for their product, however, it's the developers of the browser extensions who may not have a rigorous update program, which could leave organizations vulnerable to unknown risks.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.