Google removes 106 Chrome extensions for collecting sensitive user data
Google has removed 106 malicious Chrome extensions that have been caught collecting sensitive user data.
The 106 extensions are part of a batch of 111 Chrome extensions that have been identified as malicious in a report published today by cyber-security firm Awake Security.
Awake says these extensions posed as tools to improve web searches, convert files between different formats, as security scanners, and more.
But in reality, Awake says the extensions contained code to bypass Google’s Chrome Web Store security scans, take screenshots, read the clipboard, harvest authentication cookies, or grab user keystrokes (such as passwords).
Dig Deeper with These Resources
Awake Security 2 Minute Explainer Video
What if security could think? What if it could sense danger, calculate risk, and react quickly based…
The Internet’s New Arms Dealers: Malicious Domain Registrars
This report dives into the results of a multi-month investigation that uncovered a massive global surveillance campaign…