On the afternoon of June 18, Beijing time, according to media reports, Awake Security researchers said they had found spyware in extensions for Google’s Chrome browser; the extensions containing the spyware have been downloaded 32 million times. The incident highlights technology companies' failure to secure the browser, which is widely used for email, payments and other sensitive functions.
Alphabet-owned Google said it had removed more than 70 of the malicious extensions from the Chrome Web Store after being alerted by researchers last month.
Scott Westover, a Google spokesman, said: “When we were notified of the extended program that violated the policy in the Web Store, we took action and used it as training material to improve our automated and manual analysis.”
Gary Golomb, Awake co-founder and chief scientist, says it is the most far-reaching malware seen in the Chrome store to date, based on the number of downloads.
Google declined to discuss how the new spyware differs from previous malware, the scope of the software’s impact, or why it did not actively monitor and remove the software, even though it had promised to keep a close eye on product security.
It is not clear who spread the malware. Awake said the software’s developers supplied false contact information when they uploaded the malicious extensions to the Google store. Mr. Golomb said the extensions could evade scanning by anti-virus companies or security software.
The researchers found that when a user runs a browser carrying the malware on a home computer, the malware contacts multiple websites and then transmits user information. When the user is on an enterprise network, the malware does not transmit sensitive information, because of the presence of a security service on the corporate network.
Deceptive extensions have been around for years, but previously they were not harmful beyond forcing users to watch ads and the like. Now, however, they are becoming more dangerous and can even be used to monitor users’ locations and activities.
Malware developers have long used Google’s Chrome Store to spread malware, and in 2018 a study found that one in ten extensions submitted to the Chrome Store contained malware. Google then announced that it would strengthen security and increase the number of manual auditors.
But in February, independent researcher Jamila Kaya and Duo Security of Cisco found a malicious plug-in in Chrome that stole data from about 1.7 million users. Google then took part in the investigation and found 500 fraudulent extensions.