Over 70 malicious Chrome add-ons w/ 32 million downloads removed from Chrome Web Store

Damien Wilde | Jun 18 2020 - 5:14 am PT

Google has removed over 70 add-ons from the Web Store for the Chrome web browser after reports of malicious activity.

Reuters reports that these Chrome add-ons amassed over 32 million downloads from the Chrome Web Store, and were found after extensive research by security firm Awake Security. Most of the extensions claimed to warn users of malicious activity on websites or claimed to be able to convert specific file types to another.

Unfortunately, the add-ons instead stole browser history and sensitive data that would essentially steal access credentials for internal business tool and platforms.

To put this into context, the research firm behind the information suggests that this was the biggest malicious Chrome Web Store campaign to date. Alphabet was informed of the problematic “malicious” add-ons last month by researchers, with all of them since being removed from the Chrome Web Store.

“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesperson Scott Westover told Reuters.

Google declined to discuss how the latest spyware compared with previous campaigns. The firm did not discuss the breadth of the damage, or why the systems it has in place were unable to detect and remove the bad extensions on its own, despite promises to vet and scrutinize extensions more closely.

What’s more concerning is that it’s unclear who was behind this latest form of spyware, as the developers were able to provide false contact information when submitting extensions to Google. It’s clear that this might have more far-reaching consequences than the removal of potentially malicious Chrome add-ons.