Google has removed 106 malicious Chrome extensions that have been caught collecting sensitive user data.
According to Reuters, the 106 extensions are part of a batch of 111 Chrome extensions that have been identified as malicious in a report published today by cyber-security firm Awake Security.
Awake says these extensions posed as tools to improve web searches, convert files between different formats, as security scanners, and more.
“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesman Scott Westover said.
The spyware worked by monitoring a victim’s use of the Chrome browser while at home and transmitting information after connecting to a series of sites. Although the Chrome extensions were designed to evade detection by anti-virus software, corporate networks using security tools would not transmit this information or connect to the websites.
Using this data, the attackers could then obtain credentials for accessing both personal and corporate information. Researchers warned browsers hold more sensitive data than ever before, in many cases applications like Google, Facebook or Zoom become embedded in them.
“After analyzing more than 100 networks across financial services, oil and gas, media, entertainment, healthcare and pharmaceuticals, retail, high-tech, higher education and government organizations, Awake discovered that the actors behind these activities have established a persistent foothold in almost every network,” researchers wrote.
“Trust in the internet and its infrastructure is critical. Exploiting key components of this infrastructure… shakes the foundation of trust and represents a risk to organizations and consumers alike.”