Google Chrome: Some extensions have stolen millions of sensitive data
At the following link you can visit the complete report , from which we also learn the news. To carry out the study, researchers from Awake Security, a center based in Santa Clara, which highlighted how over 100 extensions available for the Chrome browser have the serious potential to access sensitive user data.
Photo credit - depositphotos .com To worry is the poor control carried out by Google for its store, as extensions marked as "dangerous" would be available for download in the official store and not present on third party sites. The extensions in question, as shown by the researchers, contain - in their source code - several malware specifically created to illegally acquire passwords, authentication cookies, pressed keys and even acquire screenshots while browsing. Once acquired, the information was automatically conveyed to the cybercriminals' own servers.
Read also: Nvidia RTX 3080, the new rumors are nothing short of exciting
The report continues showing a worrying number : It would amount to 33 million times that these malicious extensions were downloaded by unsuspecting users of the Chrome browser. The malicious code present in these extensions had a simple and effective operation to escape the control of Google, the typical one of the Trojan horse malware.
The primary target of these criminal groups were high profile companies, but being these of the extensions downloadable by everyone, inevitably the data of millions of amateur users were also collected.
of course, the researchers have promptly reported the news to Google, which said:
“we Appreciate the work of the research community, and when we are notified of extensions in the Chrome Web Store that violates our policies, we act and we use these incidents as training material to improve our analysis, automated and manual. We regularly carry out controls at the carpet to find the extensions that use the techniques, codes and behaviours that are similar and, if they violate our policies, eliminate them. All extensions are subjected to a process of automatic review, and most of them is also subject to manual review by our team. We use a combination of auto-review and manual, based on a variety of signals for each extension.”
The extensions to be more precise, 111 – who hid malicious code is hidden behind a simple application for managing text files , PDF or Excel file. The method used by the criminals was that the data were transferred directly to thousands of malicious domains , about 15,000 , all connected by a single registrar, which is a single server, and with headquarters in Israel.
What is the most important thing now is to know that Google has readily enabled to curb the problem. From the report we learn that the first report made by the researchers, Google has responded by removing more than 70 malignant extensions from the Chrome Web Store .
The first weapon to defend yourself from the criminals of the WEB is the awareness, therefore we recommend the reading of a book: Hacklog Volume 2 Web Hacking. Written by our Stefano Novelli, is available on Amazon at the following link .