Awake Security researchers uncovered a massive Chrome malware campaign intended to harvest user data. As per a Reuters report, it involved over 70 malicious extensions on the Chrome Web Store that were downloaded over 32 million times.
Google was notified about the discovery last month, following which the search giant took down the extensions. According to the firm, the malicious Chrome extensions masqueraded as file converters, and ironically, as extensions that flagged bad websites.
However, in the background, these extensions funneled browsing history and user credential data from the compromised browsers. While there is no information on the attackers, it’s among the biggest malware campaigns against the Chrome browser to date.
It was known that the various extensions transmitted data to over 15,000 domains in total. All of these were purchased from Communigal Communication Ltd. – an Isreal-based domain registrar that denied having any involvement in the malware campaign.
A Google spokesperson told Reuters: “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses.”
In similar incidents, Google has previously deleted tens and even hundreds of unsafe Chrome extensions. The company also said it would focus more on the manual review process for the extensions submitted to the Chrome Store.
What makes it concerning is the Google Chrome takes the biggest piece of the pie when it comes to browser market share. Not to mention the ever-increasing need for web browsers as they replace traditional apps on our computers.
However, the latest mess brings back the issue to which the search giant seems to have turned a blind eye.
The security firm added that attackers submitted fake contact information to the Chrome Web Store, which makes tracing them even more difficult.
It’s surprising to see that such discoveries are often courtesy of third-party security firms than Google itself.
Earlier this year, Google deleted 500+ Chrome extensions after their unsafe behavior was reported by security researcher Jamila Kayla and Duo Security.