A hundred extensions, which cumulate more than 32 million installations in Google Chrome, integrated spyware capable of taking screenshots and recording passwords entered by a user. Google reacted quickly by removing them from its Chrome Web Store.
Android and Chrome, same fight! Or rather the same problem … According to a new report published by the cybersecurity company Awake Security, more than a hundred extensions for the Google Chrome browser included spyware that was installed without the users’ knowledge. In total, these extensions have more than 32 million installations!
If these extensions were very popular, it is simply because they offered popular functions such as converting PDF files, the possibility of broadcasting your Netflix account on several computers, locating stolen websites or even improving his research on the Internet. In total, Awake Security has identified 111 extensions for Chrome considered to be “malicious or false”.
Spyware records entering passwords
Once installed, these extensions triggered spyware capable of taking screenshots, stealing login information and capturing passwords when users typed them. Millions of individuals are believed to have been affected, as well as businesses, hospitals and governments. The damage is therefore considerable.
Alerted, Google immediately removed these extensions, and they no longer appear in the Chrome Web Store. If in doubt, it is advisable to uninstall all those recently installed, and to check their editor. According to Awake Security, all the extensions are linked to a single host, Galcomm, which has denied any complicity with the hackers behind these rogue extensions.