Security News > 2020 > February > Google Axes 500 Chrome Extensions Exfiltrating User Data
2020-02-17 19:38
Google has removed more than 500 extensions from the Chrome Web Store after they were found performing covert data exfiltration activities.
Independent security researcher Jamila Kaya and Cisco's Duo Labs originally identified a network of 70 copycat plugins with 1.7 million users that were infecting users' browsers and exfiltrating data.
The plugins had nearly identical source code, had no ratings, and each referenced to a ".com." website that was the exact name of the plugin.
Each of these extensions requires a high, nearly identical level of permissions, which allows them to access a large amount of data in the browser.
Kaya also identified direct malware tied to these plugin sites, likely operating for the same user.
News URL
Related news
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Google to kill Chrome Sync on older Chrome browser versions (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)