Spyware found in Chrome extensions used by millions: Details here
What's the story
Dozens of extensions, operating through Google Chrome, have been found to be carrying spyware.
The plugins, according to a report in Reuters, were covertly mining information from the computers of millions of unsuspecting users of the browser.
Now, thankfully, they have been removed by the internet giant.
Here's all you need to know about it.
Extensions
Legit-looking Chrome extensions with 32 million downloads
Though the names of the spyware-laced extensions remain unknown, Awake Security, the company that found them, told Reuters that the plugins looked completely innocuous, promising to perform functions ranging from flagging shady sites to converting files.
In all, the firm said, it detected over 70 malicious extensions, which had been downloaded as many as 32 million times through the official Google Chrome Web Store.
Attack
What these extensions did?
While posing as legitimate programs for millions, the extensions performed shady activities in the background, including things like stealing background history and data carrying credentials for business tools.
They actively avoided detection by anti-virus tools and connected to a series of malicious websites to mine and transmit the information. But, the transmission only took place in the case of consumer networks, not corporate ones.
Comment
"Most far-reaching spyware campaign on Chrome Store"
In light of the activity of the extensions, and how they posed a threat to millions, Awake Security reached out to Google to inform the company about the attack.
Gary Golomb, the co-founder of the firm, said that this was the most far-reaching malicious Chrome Store campaign by numbers.
He added, it also shows how thousands of malicious domains can be easily hidden.
Removal
Now, all the questionable extensions have been removed
Following Awake's report, which was sent last month, Google took note of the matter and removed all the questionable extensions from the Chrome Web Store.
However, the company did not say anything about the spyware involved, how many Chrome users might have been affected, how the extensions passed its vetting systems or were not flagged at a later stage.
Information
Details of the attacker remain unknown
Similarly, it also remains unknown who developed these malware-laced extensions for Chrome. The contact information provided while submitted them was fake, while the registrar - Galcomm - that sold the domains that the extensions connected to denied being involved in the matter.