Massive spying on users of Google’s Chrome shows new security weakness
A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions. Alphabet Inc’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month. Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organised crime, said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security. We do regular sweeps to find extensions using similar techniques, code and behaviours, Google’s Westover said, in identical language to what Google gave out after Duo’s report.
Discover Related
Google Chrome users warned against 16 “malicious” extensions
Urgent warning to 3.2m Google Chrome users: 'Delete right now'
Hackers hijack a wide range of companies' Chrome extensions, experts say
Apple issues 'massive' warning about Google Chrome to all 1.46 billion iPhone users
Multiple threats affecting user security detected in Google Chrome and Zoom
Google Chrome users to now be warned for risky downloads
The Hindu Explains | Has Google failed to protect its Chrome browser?
Google Chrome extensions stole browsing data in widest-reaching malware campaign ever
Google Chrome users may have been impacted by a massive spying campaign, report says
Drive-by hackers could be spying on millions of Chrome users from outside their HOMES