Google Chrome Security Breach: 33 Million Downloads Of Spyware
Researchers at Awake Security have uncovered a mass spyware effort that attacked users through some 32.96 million downloads of Google’s Chrome web browsers to date, potentially exposing sensitive information.
Awake Security Co-Found and Chief Scientist Gary Golomb told Reuters that this breach is the most far-reaching malicious Google Chrome store campaign ever, given the massive number of downloads.
The cybersecurity firm analysed over 100 networks across a number of sectors and found that the actors behind these activities had established a foothold in almost every network.
Since Awake Security alerted Google of the cybersecurity weakness last month, the tech giant has removed over 70 malicious add-ons from its official Chrome Web Store.
Google spokesman Scott Westover told Reuters: “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses.”
However, Google declined to comment on the breadth of damage that this latest spyware caused, and why it failed to detect the bad extensions prior to Awake Security’s warnings.
Most of the spyware extensions were free, and promised to warn users about dodgy sites, or help users convert files from one format to another. In reality, they gathered browsing history and data that provided credentials for access to internal business tools.
A list of IDs and names for these malicious Chrome extensions can be found here.
“Enterprise security teams would do well to recognise that rogue browser extensions pose a significant risk, especially as more of our digital life is now conducted within the browser,” Awake Security said. “Moreover, this threat is one that bypasses a number of traditional security mechanisms including endpoint security solutions, domain reputation engines, web proxies and cloud-based sandboxes.”