An incident of hackers using malicious chrome extensions to spy on users was reported recently.
The research has revealed that these extensions were posing as tools meant to convert files between different formats. However, they were stealing the browsing history of users and trying to gain access to any sensitive credentials they could get their hands on.
The hackers have not targeted corporate organizations and hence they have not yet been reported. As for the culprits behind this, the contact information provided to Google upon the initial submission of the Chrome extensions was found to be fake.
The information collected by this extensions was circulated through more than 15,000 domains that were registered from an Israeli based company. The information stolen by these extensions may have all the data that your browser fetches or a user provides to the browser.
The stolen data can contain browsing history, sensitive credentials of login pages, banking information, chatting data, etc. Gaining the access of all these data, hackers can find multiple ways to target the user and can cause huge damage to them.
The extensions responsible for these malicious activities were available till May 2020 and then Google removed them after they were reported. These extensions had more than 32 million downloads which means that a huge number of users are already into their attack.
NPAV recommends users to always read the reviews and developer information before downloading anything onto their systems. Reading the reviews and developer information carefully will always give you a hint for whether the content is from a trusted source or not.
Use NPAV and join us on a mission to secure the cyber world.