Google Chrome is undoubtedly the most popular browser used by not millions but billions of individuals around the world. It is a very fast browser packed with interesting features. One can judge its popularity by the fact that users download and install it in their devices where Chrome is not provided as a default browser. Users freely added browser extensions to their Chrome having blind faith on its security features. These millions of individuals have received a rude jolt by a recent news report about a spyware ring associated with Google Chrome. Google Chrome support has reacted to the development and taken down many such extensions.
‘Awake Security’ researchers have busted a ring of hackers that created extensions for Google Chrome loaded with spyware. This organized crime was going on for a very long time with the ringmasters easily distributing spyware through distribution of seemingly innocuous browser extensions. No one knows for sure how much damage has been caused because of such spyware but the fact remains that the victims downloaded these Chrome extensions for more than 32 million times. After these researchers raise the red flag about these spyware loaded extensions last month, the search engine giant came into action. Google Chrome tech support has responded by taking down nearly 70 extensions from its Chrome web store.
Researchers who found out about the malicious activities of these extensions said that nearly all such extensions were distributed free of cost by the hackers. They were apparently useful extensions for the users that pretended to be very safe by raising alarm whenever the user tried to visit a harmful website. However, once the extensions were downloaded and installed, they indulged in nefarious activities without the knowledge and permission of the users. These programs contained spyware to keep a close watch on the browsing history of the user. They also looked for private and sensitive details of the users stored inside the computer. What is surprising is the fact that these extensions were connected to a network of nearly 15000 websites and they could transmit sensitive details about the user. These malicious domains were purchased from Galcomm, a communication company backed by Israel. The company has denied any role in this spyware campaign.
It is going to be an uphill task for Google Chrome to track down the identities of developers who made these extensions. This is because these extensions were submitted to Chrome Web store with fake identities. In any case, Google Chrome is no interested in unearthing the kingpin behind this spyware racket as its own reputation as a highly secure browser comes under fire. It is really embarrassing for Google Chrome because the company had claimed to have ramped up security way back in 2018.