Security News > 2020 > February > Google Axes 500 Chrome Extensions Exfiltrating User Data
2020-02-17 19:38
Google has removed more than 500 extensions from the Chrome Web Store after they were found performing covert data exfiltration activities.
Independent security researcher Jamila Kaya and Cisco's Duo Labs originally identified a network of 70 copycat plugins with 1.7 million users that were infecting users' browsers and exfiltrating data.
The plugins had nearly identical source code, had no ratings, and each referenced to a ".com." website that was the exact name of the plugin.
Each of these extensions requires a high, nearly identical level of permissions, which allows them to access a large amount of data in the browser.
Kaya also identified direct malware tied to these plugin sites, likely operating for the same user.
News URL
Related news
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)