Security News > 2020 > February > Google Removes 500 Chrome Extensions Tied to Malvertising
Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security.
In a message to the researchers that it had removed the extensions, Google noted that it "Regularly sweeps to find extensions using similar techniques, code and behaviors and take down those extensions if they violate our policies."
While the malicious browser extensions have been removed, the researchers note that the malvertising campaign may have affected 1.7 million Chrome users who downloaded the extensions from the official Google Chrome Web Store.
The latest investigation into extensions began when Kaya, the independent researcher, was conducting a routine threat hunting exercise and found about a dozen suspicious Chrome extensions that were posted in the official Google Chrome Web Store, according to the Duo Security report.
Using CRXcavator, a free, automated Chrome extension security assessment tool developed by Duo Security, Kaya eventually identified about 70 malicious Chrome extensions that all appeared to use the same code and had other similarities, according to the report.
News URL
https://www.inforisktoday.com/google-removes-500-chrome-extensions-tied-to-malvertising-a-13731
Related news
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)
- Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers (source)
- Google fixes Chrome zero-day exploited in espionage campaign (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)