A spyware attempt that was discovered recently and one that was downloaded 32 million times through extensions to Google’s market-leading Chrome web browser reflected the failure of the tech industry to provide enough protection to browsers that are being used more these days for emails, payroll and other sensitive functions. This was discovered by researchers at Awake Security according to a report published in the news agency Reuters.
After being alerted by the researchers last month, more than 70 of the malicious add-ons from its official Chrome Web Store had been removed by it, said Alphabet Inc’s Google. “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesman Scott Westover told the Reuters as stated in the report.
According to the research report, most of the free extensions were used for warning users about suspected and questionable websites or while converting files from one format to another. The malware instead decamped with users’ browsing history and data that yielded credentials for accessing internal business tools.
According to Awake co-founder and chief scientist Gary Golomb, in terms of the number of downloads globally, of the malware, this stands out as the most far-reaching malicious Chrome store campaign in history.
The Reuters report claimed that Google was unwilling to discuss anything about comparing the latest spyware with the previous such efforts, the extent of the damage caused as well as about why the company had been unable to detect it and consequently remove the bad extensions on its own even though the company had previously promised to conduct more close supervision of the offerings.
The individual or group behind the effort is not yet clear. While submitting the extensions to Google, fake contact information was provided by the developers to the company, Awake said.
“Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security.
Golomb said that the design of the extensions were such that they were equipped to avoid detection by antivirus companies or security software that are engaged in evaluating of the reputations of web domains.
The researchers found that users of the browser would get automatically connected to a series of websites and transmit information when they tried to surf the net through the browser. However if anyone used a corporate network which would includes include security services, will not get their sensitive information transmitted or they would not even reach the malicious versions of the websites.
“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Golomb said.
All of the domains in question, more than 15,000 linked to each other in total, were purchased from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication Ltd.
(Source:www.reuters.com)
After being alerted by the researchers last month, more than 70 of the malicious add-ons from its official Chrome Web Store had been removed by it, said Alphabet Inc’s Google. “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesman Scott Westover told the Reuters as stated in the report.
According to the research report, most of the free extensions were used for warning users about suspected and questionable websites or while converting files from one format to another. The malware instead decamped with users’ browsing history and data that yielded credentials for accessing internal business tools.
According to Awake co-founder and chief scientist Gary Golomb, in terms of the number of downloads globally, of the malware, this stands out as the most far-reaching malicious Chrome store campaign in history.
The Reuters report claimed that Google was unwilling to discuss anything about comparing the latest spyware with the previous such efforts, the extent of the damage caused as well as about why the company had been unable to detect it and consequently remove the bad extensions on its own even though the company had previously promised to conduct more close supervision of the offerings.
The individual or group behind the effort is not yet clear. While submitting the extensions to Google, fake contact information was provided by the developers to the company, Awake said.
“Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organized crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security.
Golomb said that the design of the extensions were such that they were equipped to avoid detection by antivirus companies or security software that are engaged in evaluating of the reputations of web domains.
The researchers found that users of the browser would get automatically connected to a series of websites and transmit information when they tried to surf the net through the browser. However if anyone used a corporate network which would includes include security services, will not get their sensitive information transmitted or they would not even reach the malicious versions of the websites.
“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Golomb said.
All of the domains in question, more than 15,000 linked to each other in total, were purchased from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication Ltd.
(Source:www.reuters.com)
