Security News > 2020 > February > Google Removes 500 Chrome Extensions Tied to Malvertising

Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security.

In a message to the researchers that it had removed the extensions, Google noted that it "Regularly sweeps to find extensions using similar techniques, code and behaviors and take down those extensions if they violate our policies."

While the malicious browser extensions have been removed, the researchers note that the malvertising campaign may have affected 1.7 million Chrome users who downloaded the extensions from the official Google Chrome Web Store.

The latest investigation into extensions began when Kaya, the independent researcher, was conducting a routine threat hunting exercise and found about a dozen suspicious Chrome extensions that were posted in the official Google Chrome Web Store, according to the Duo Security report.

Using CRXcavator, a free, automated Chrome extension security assessment tool developed by Duo Security, Kaya eventually identified about 70 malicious Chrome extensions that all appeared to use the same code and had other similarities, according to the report.

News URL

https://www.inforisktoday.com/google-removes-500-chrome-extensions-tied-to-malvertising-a-13731