Recently, 106 Chrome Extensions were removed by Google for being malware.. According to the statement, cybercriminals use these extensions to steal users’ information.
The famous cybersecurity firm Awake Security has published a report on its site today.. According to the published report, 106 of the 111 Chrome Extensions examined were detected as malware.. These 106 Chrome Extensions used by Google to steal users’ data were instantly removed.
According to the statement made by Awake Security, these extensions were offered to users with features such as improving web searches, changing file extensions, browsing sites.. However, in Awake, it is not really the case that these extensions can read users’ web history, take screenshots, examine authentication cookies and receive keyboard strokes (password, etc.)..
The above example contains three malicious Chrome Extensions. No matter how innocent they may seem when we look at them one by one, when we examine all three together, the description, versions and visuals of all of them are similar to each other.. The same image is used only with different colors.
Another example above is that the two security applications are the same except for their names.. In addition, such fake extensions have hundreds of thousands of fake comments and ratings.
Although Awake cannot explain this situation by finding any concrete evidence, it is believed that all of the extensions come from the same place, that is, the same person, community or company is behind these extensions. believes. The most obvious common feature of these fake extensions is that they all transfer user data to a domain purchased from the Galcomm Domain provider.
These 106 Chrome Extensions Have Been Downloaded A Total Of 32 Million Times
Awake The Security representative said that such extensions still exist in the web store under different categories such as “financial support, media and health” and that action should be taken.. In addition, according to the company’s statement, these 106 Chrome Extensions have been downloaded exactly 32,962,951 times as of May 2020.. Currently, none of these extensions are available in the Chrome Web Store. However, Google has not removed these extensions from the system of people who have already downloaded them.. Disabled them and put the information “This extension contains malware”.
If you have such an extension, you can either type “chrome://extensions” in the search bar or go to the extensions section in the settings, if you have such an extension.
Also, Awake Security has published the ids of these Chrome Extensions here.