Security News > 2020 > February > Google Removes 500 Chrome Extensions Tied to Malvertising
Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security.
In a message to the researchers that it had removed the extensions, Google noted that it "Regularly sweeps to find extensions using similar techniques, code and behaviors and take down those extensions if they violate our policies."
While the malicious browser extensions have been removed, the researchers note that the malvertising campaign may have affected 1.7 million Chrome users who downloaded the extensions from the official Google Chrome Web Store.
The latest investigation into extensions began when Kaya, the independent researcher, was conducting a routine threat hunting exercise and found about a dozen suspicious Chrome extensions that were posted in the official Google Chrome Web Store, according to the Duo Security report.
Using CRXcavator, a free, automated Chrome extension security assessment tool developed by Duo Security, Kaya eventually identified about 70 malicious Chrome extensions that all appeared to use the same code and had other similarities, according to the report.
News URL
https://www.inforisktoday.com/google-removes-500-chrome-extensions-tied-to-malvertising-a-13731
Related news
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)