Do you use Google Chrome extensions? If so, it looks like now is the time to start changing your passwords.
Awake Security, a well-known cyber security firm, found over 100 malicious Chrome extensions that were downloaded over 32 million times, and that were able to actually spy on the users of the extensions. They were able to screenshot what the users were doing, enabling them to steal usernames and passwords… In real time! These include fake and malicious extensions for a plethora of industries from financial to medical to municipal.
If you don’t know what extensions are, they can really come in handy. They’re almost like little shortcuts that can allow a user to spell check their online session, or watch a Netflix show with your loved ones.
Which makes this new report feel even more ominous. Because something that can be used for good is being exploited. But as we have said before, even in these troubling times, hackers have no shame.
To Google’s defense, they have responded valiantly. They have already removed all of the extensions that Awake tested, and they publicly thanked the company for finding malicious extensions.
But this is not their first rodeo. In fact, just in February of this year (can anyone remember life before quarantine?), Google Chrome extensions were used in a rash of cyber attacks. Due to these attacks, Google decided to implement additional security measures by disabling the accounts of any developers who had violated the policies and by flagging any suspicious activities.
It appears that hasn’t been enough.
Fortunately, Awake has been able to identify a likely culprit; all of the extensions that were spying on users were in some way associated with the Israeli web hosting company, Galcomm, who manages a quarter-of-a-million domains. Fifteen thousand of which, according to Awake, appear to be suspicious, if not down-right malicious.