Info-tech

Hackers launched spyware attack through Google Chrome extensions : Report

Hemani Sheth Mumbai | Updated on June 19, 2020 Published on June 19, 2020

The MoU will also give LTTS access to IIT-Kanpur’s cutting-edge test-bed for critical infrastructure.   -  istock.com/ipopba

A new cyberthreat has emerged in the form of a massive spyware campaign that targeted users through Google Chrome extensions downloaded more than 32 million times, as per reports.

According to a report by cybersecurity firm Awake Security, over a hundred malicious Google Chrome extensions were used to spy on Google Chrome’s users in a massive global surveillance campaign.

“The Awake Security Threat Research Team has uncovered a massive global surveillance campaign exploiting the nature of Internet domain registration and browser capabilities to spy on and steal data from users across multiple geographies and industry segments,” the cybersecurity firm said in its report.

The firm found at least 111 "malicious or fake" Chrome extensions in its study.

These extensions are capable of spying on users by taking screenshots, reading a user’s clipboard, harvesting credential tokens stored in cookies or parameters and even get user passwords by grabbing user keystrokes.

The extensions were from domains that were registered under a known internet registrar GalComm.

“In the past three months alone, we have harvested 111 malicious or fake Chrome extensions using GalComm domains for attacker command and control infrastructure and/or as loader pages for the extensions,” the firm said.

“Of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, are malicious or suspicious,” it said.

The firm has recorded at least 32,962,951 downloads of these malicious extensions till date many of which had been available in Chrome’s web store.

Google’s parent company Alphabet Inc has said that it has removed over 70 of these malicious add-ons from its official Chrome Web Store after the firm had alerted them of the same, Reuters reported.

“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” said a Google spokesman as quoted by the report.

GalComm had denied any wrongdoing, it said.

“GalComm is not involved, and not in complicity with any malicious activity whatsoever,” the company said as quoted by the report.

“You can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can,” it said.

Published on June 19, 2020

A letter from the Editor

Dear Readers,

The coronavirus crisis has changed the world completely in the last few months. All of us have been locked into our homes, economic activity has come to a near standstill. Everyone has been impacted.

Including your favourite business and financial newspaper. Our printing and distribution chains have been severely disrupted across the country, leaving readers without access to newspapers. Newspaper delivery agents have also been unable to service their customers because of multiple restrictions.

In these difficult times, we, at BusinessLine have been working continuously every day so that you are informed about all the developments – whether on the pandemic, on policy responses, or the impact on the world of business and finance. Our team has been working round the clock to keep track of developments so that you – the reader – gets accurate information and actionable insights so that you can protect your jobs, businesses, finances and investments.

We are trying our best to ensure the newspaper reaches your hands every day. We have also ensured that even if your paper is not delivered, you can access BusinessLine in the e-paper format – just as it appears in print. Our website and apps too, are updated every minute, so that you can access the information you want anywhere, anytime.

But all this comes at a heavy cost. As you are aware, the lockdowns have wiped out almost all our entire revenue stream. Sustaining our quality journalism has become extremely challenging. That we have managed so far is thanks to your support. I thank all our subscribers – print and digital – for your support.

I appeal to all or readers to help us navigate these challenging times and help sustain one of the truly independent and credible voices in the world of Indian journalism. Doing so is easy. You can help us enormously simply by subscribing to our digital or e-paper editions. We offer several affordable subscription plans for our website, which includes Portfolio, our investment advisory section that offers rich investment advice from our highly qualified, in-house Research Bureau, the only such team in the Indian newspaper industry.

A little help from you can make a huge difference to the cause of quality journalism!

Support Quality Journalism
Google’s new Chrome extension allows users to generate links for specific text on web page