Security News > 2020 > February > Google Axes 500 Chrome Extensions Exfiltrating User Data
Google has removed more than 500 extensions from the Chrome Web Store after they were found performing covert data exfiltration activities.
Independent security researcher Jamila Kaya and Cisco's Duo Labs originally identified a network of 70 copycat plugins with 1.7 million users that were infecting users' browsers and exfiltrating data.
The plugins had nearly identical source code, had no ratings, and each referenced to a ".com." website that was the exact name of the plugin.
Each of these extensions requires a high, nearly identical level of permissions, which allows them to access a large amount of data in the browser.
Kaya also identified direct malware tied to these plugin sites, likely operating for the same user.
News URL
Related news
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Google fixes ninth Chrome zero-day tagged as exploited this year (source)
- Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild (source)
- Google tags a tenth Chrome zero-day as exploited this year (source)
- Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation (source)
- Google increases Chrome bug bounty rewards up to $250,000 (source)
- Google Chrome gets a mind of its own for some security fixes (source)
- Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense (source)
- Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature (source)
- New Google Chrome feature will translate complex pages in real time (source)