Security News > 2020 > June > Google Yanks 106 ‘Malicious’ Chrome Extensions
Google removed 106 Chrome browser extensions Thursday from its Chrome Web Store in response to a report that they were being used to siphon sensitive user data.
The attackers used the Google Chrome browser extensions to not only steal data, but also to create persistent footholds on corporate networks.
While Google has long policed its Chrome Web Store for rogue browser extensions, what is unique about this malicious effort was that it was allegedly part of a coordinated and "Massive global surveillance campaign." Researchers also assert that the campaign was aided by the internet domain registrar CommuniGal Communication Ltd. Galcomm owner Moshe Fogel told the news agency Reuters that his company was unaware of the malicious activity and had done nothing wrong.
"In the past three months alone, we have harvested 111 malicious or fake Chrome extensions using GalComm domains for attacker command and control infrastructure and/or as loader pages for the extensions," researchers wrote.
Golomb said browser extensions are the "New malware," explaining that critical business applications like Microsoft 365, Google services, Salesforce and Zoom are browser dependent.
News URL
https://threatpost.com/google-yanks-106-malicious-chrome-extensions/156731/
Related news
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)