Researchers over at Awake Security discovered a major security flaw in Google Chrome browser. This information comes from Reuters, and reveals that this effort attached users through 32 million downloads of extensions.
Google seems to have taken action, though. The company says that it removed more than 70 malicious add-ons from the Chrome Web Store. It did that after being alerted by researchers, last month.
Most of those extensions looked to warn users about questionable websites, or convert files from one format to another. What they actually did is siphoned off browsing history and data that provides credentials for free access to internal business tools.
This security flaw is probably the most far-reaching in Google Chrome history
This was probably the largest spyware Chrome store campaign to date, considering the number of downloads. That information comes from the Awake co-founder, and chief scientist, Gary Golomb.
Google did not share the detailed information on the damage these extensions did. The company also did not elaborate on why this happened in the first place.
It remains unclear who is behind this effort. Fake contact information was supplied by the developers of those extensions. Therefore, it is currently unknown who is really behind everything.
Golomb said that those extensions were specifically designed to avoid detection by antivirus companies, or any type of security software. Well, at least the security software that is meant to validate the reputation of web domains.
So, how did this scheme work? Well, when a user used his browser to surf the web, on his home computer, it would connect him to a series of websites to transmit information.
More than 15,000 domains were used in the scheme
There were more than 15,000 domains in questions here, and they all linked to each other, it is noted. They were purchased from a small registrar in Israel.
The name of it is ‘Galcomm’, which is formally known as CommuniGal Communication Ltd. Awake contacted Galcomm, and its owner, Moshe Fogel, says that the company did nothing wrong.
This was a considerable hole in Google’s security, as it seems like a ton of information got leaked as a result. Google will hopefully learn from this mistake, and improve its security.
It is possible that more information regarding this will surface in the near future. If that happens, we’ll make sure to let you know.