Researchers at Awake Security told the Reuters news agency that they had discovered a spying program on Google Chrome's browser.
This malware currently affects more than 32 million downloads of Chrome-related extensions.
Unfortunately this is not a completely new problem because it is recurrent, especially in this sector. And this is not the kind of thing that pleases security experts. Indeed the problem is quite logical and frustrating, when we know that browsers are used for virtually any service, in the majority presents an undeniable risk to privacy as well as the confidentiality of connections. The secure (navigator) then becomes an almost impossible mission.
Thanks to a recent analysis, researchers at Awake Security have shed light on new software that poses a risk to users' privacy and privacy. A spying program, which targets millions of users, according to what was reported by the Reuters news agency. We are talking at this level of 32 million downloads that would be infected by this spyware. Even the extensions available on Google's official store are also affected by this corruption. The Mountain View giant said last month it had removed more than 72 of its malicious extensions. But beyond that, an analysis showed that using extensions on its browser slowed it down considerably. "When we were alerted to extensions of our web store violating our policy, we took action and used these incidents as training materials to improve our automated and manual analysis," Scott Westover, spokesman for Awake Security, told Reuters.
The paradox in this story is that the majority of extensions that are pointed out as being the one that houses this malware, are usually products used by users to protect them from malicious websites. Another part of her tools and she used to convert file formats.
One of the features of this spyware according to the cybersecurity company, will be the collection of navigation data such as historical, as well as access to internal tools, to surely allow cyber criminals to carry out certain actions including malicious purposes.
According to Scott Westover, this spread of this software presents itself as the largest wave of espionage by downloading extension. Analysts have shown that a large proportion of chrome users have passed on personal information without their knowledge, only by visiting corrupted websites. But on the other hand, corporate networks seem to have sufficiently resisted this wave of espionage, thanks in particular to their security service, that they have managed to prevent the exfiltration of their data to external servers, for example by preventing access to malicious websites. In all cases, individuals are less protected than businesses in this kind of context. With the negligence of ordinary users, it is not uncommon to see these kinds of vulnerabilities spread.
In addition. Google has recently developed new features in its browser to make its use more secure. It is therefore recommended not to miss the recent updates available.
The domain names affected by this espionage problem are according to the cybersecurity company numbering 15,000, each having a connection with the other. They are believed to belong to an Israeli firm called Galcomm, still known in the field as CommuniGal Communication. When questioned by the Reuters news agency, the Israeli company denied: "Being involved or complicit in malicious activity. ». Gary Golomb, the founders of Awake Security, noted in this context: "This shows how hackers can use extremely simple methods to hide, in this case, thousands of malicious domains."
For now, investigations continue to find hackers behind this wave of cybercrime. The hackers, who could have initiated have not yet been determined. Apart from that, it would seem that, wave games of corruption extensions hides another malicious activity not disclosed at the moment.
Now access an unlimited number of passwords: