• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » web browser » Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

2020-06-18 by Michelle Dvorak

Google Chrome

Massive Spyware Campaign Used Chrome Extensions With 32 Million Downloads

Over 70 Google Chrome extensions were found to be surveilling users’ web browsing activity. The web browser add-ons were collecting user behavior and credentials for business apps. The massive spyware campaign secretly attacked Google Chrome users via 70 web browser add-ons. The malicious extensions racked up over 32 million downloads according to a report by Awake Security.

These Chrome web browser extensions integrated with email, accounting, and other sensitive data.  Google said it has removed over 70 malicious add-ons from the Chrome Web Store after being alerted by the researchers at Awake Security in May.

These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc.

~ Awake Security
Chrome Extension Lure
Malicious Chrome extension Lure Image Credit: Awake Security

“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesperson Scott Westover said in a statement to Reuters.

What is a Web Browser Extension?

Chrome is by far the most popular web browser in use across the globe. Like most web browsers, Chrome users can add apps, called extensions, to add features and functionality to Chrome. Extensions can remember passwords, change color schemes, add calculators, detect malware, warn users of spoof websites, etc… Most of these extensions are useful and harmless. However, users should always read the terms of service and never grant an extension or any software more permission that it needs to complete its job.

READ: Where Are My Saved Passwords in Chrome?

Most of the malicious Chrome web browser extensions claimed to provide notifications about suspicious websites. Others were file format conversion services – for example, convert an image from jpg to.gif. However, what the browser extensions were really doing was spying on Chrome browser activity and collecting login credentials for access to the victim’s business software.

The hackers behind the malicious add-ons have not been identified. In their report, Awake Security noted the developers used false contact information.

With a collective 32 million downloads, this cyber attack was widespread. A list of IDs for these malicious Chrome extensions can be found here.

The malicious extensions were developed to avoid detection by antivirus and security software that only checked for spoof websites. That’s how more robust internet protection can help safeguard and clean up your computer.

How Do the Spyware Add-Ons Steal Information?

When a user opened Chrome that had one of these harmful extensions downloaded, Chrome would start sending data back to the hackers through a series of websites. The hackers set up a family of 15,000 domain names working together to help disguise their scam. All of the domain names were bought from Israeli registrar Galcomm. Awake Security stated that Galcomm should have realized what was happening.

Rogue browser extensions pose a significant security risk. Even corporate networks with enterprise security protection need to defend against connections to these websites and sending sensitive data. Get enterprise security protection for your home or office.

How to Uninstall Extensions in Chrome

This large-scale spyware campaign collected web browser activity through Chrome web browser extensions.

To permanently remove extensions from Chrome you will have to open up Chrome on your laptop. If you are worried that an extension is spying on your data or sending malicious information, disconnect it from the internet first 

How do I permanently remove extensions from Chrome? 

  1. On your Windows computer, open Chrome
  2. In the upper right corner of the Chrome window, click the three dots to expand the menu (Figure 1)
  3. Drop down the menu and choose More Tools
  4. Select Extensions
  5. The Chrome screen will show all the extension you have installed
  6. Click Remove next to the Chrome extension you want to permanently remove
Uninstall Extensions Chrome
Uninstall Extensions Chrome – Figure 1
Remove Google Chrome Extension
Figure 2

Browser extensions are installed as apps on Android devices.

Only download unwanted software, apps, and extension from trusted sources. This is difficult because these apps were listed in the official Chrome Web Browser site. 

Chrome users should use password protection and antivirus software to help protect their computers.

Filed Under: web browser

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version