SEVERE WX : Freeze Warning - Red Flag Warning View Alerts
STREAMING NOW: Watch Now

Google Chrome users may have been impacted by a massive spying campaign, report says

Google Chrome extensions downloaded more than 32 million times...

Posted: Jun 19, 2020 3:27 AM
Updated: Jun 19, 2020 2:00 PM

Google Chrome extensions downloaded more than 32 million times were used to spy on the popular browser's users in a massive global surveillance campaign, according to a new report.

The report, from cybersecurity firm Awake Security, found at least 111 'malicious or fake' Chrome extensions capable of taking screenshots, stealing login credentials and capturing passwords as users typed them. The campaign impacted a wide range of sectors including financial services, healthcare and government organizations, it added.

Extensions allow users to add features and capabilities to their browsers, such as a recently popular one that allows multiple laptops to stream Netflix shows simultaneously and another from Google that lets users flag suspicious websites.

But the new report highlights the potential for fraudulent extensions to do harm and compromise a wide variety of systems.

'The actors behind these activities have established a persistent foothold in almost every network,' researchers at Awake said.

Google confirmed that all the browser extensions flagged by Awake have since been removed.

'We appreciate the work of the research community, and when we are alerted of extensions ... that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,' Google spokesperson Scott Westover said in a statement provided to CNN Business. 'We do regular sweeps to find extensions using similar techniques, code, and behaviors, and take down those extensions if they violate our policies.'

Awake linked all the extensions associated with the spying campaign back to Galcomm, an Israeli web hosting company that claims to manage around 250,000 browser domains.

'By exploiting the trust placed in it as a domain registrar, Galcomm has enabled malicious activity that has been found across more than a hundred networks we've examined,' Awake researchers said in the report, adding that they found more than 15,000 Galcomm domains that were 'malicious or suspicious.'

'Galcomm is not involved, and not in complicity with any malicious activity whatsoever,' Moshe Fogel told Reuters, which was first to report on Awake's findings.

After this story published, Galcomm refuted parts of Awake's report, saying 25% of the domains Awake claimed to have checked were not Galcomm domains or had been deleted. The Israeli firm also said Awake had not sought its input before publishing the report.

'The report is at least irresponsible, if not worse,' Galcomm owner Moshe Fogel said in an email to CNN Business. 'We are considering our steps and actions against Awake.'

Google did not comment on Galcomm's role in the campaign.

Google Chrome extensions have been linked to cyberattacks in the past, including as recently as February this year. The company has taken several steps to improve the browser's privacy and security protections, Westover said.

'In addition to disabling the accounts of developers that violate our policies, we also flag certain malicious patterns we detect in order to prevent extensions from returning,' he added.

Oregon Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 42101

Reported Deaths: 653
CountyConfirmedDeaths
Multnomah9137160
Marion5819108
Washington573975
Umatilla334944
Clackamas309765
Lane235427
Malheur191538
Jackson16696
Deschutes112313
Yamhill98715
Linn80315
Polk65015
Jefferson6049
Morrow5456
Lincoln51713
Union4662
Benton4416
Klamath4103
Douglas3495
Wasco34715
Hood River2771
Josephine2673
Columbia2591
Clatsop2420
Coos2380
Baker1203
Crook1072
Tillamook700
Curry571
Wallowa442
Lake350
Harney230
Sherman180
Gilliam110
Grant110
Wheeler10
Unassigned00

California Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 906596

Reported Deaths: 17358
CountyConfirmedDeaths
Los Angeles2997606993
Riverside659021279
San Bernardino626191072
Orange585731447
San Diego54583870
Kern33813416
Fresno30752436
Sacramento25372484
Santa Clara24144388
Alameda23312461
San Joaquin21630489
Contra Costa18621241
Stanislaus17629396
Tulare17495286
Ventura14240164
Imperial12700336
San Francisco12103140
Monterey1137291
San Mateo11075159
Santa Barbara9781120
Merced9465155
Sonoma9312136
Kings822883
Solano728674
Marin7074128
Madera498174
San Luis Obispo414132
Placer409357
Yolo319159
Butte307852
Santa Cruz278825
Napa195715
Shasta187830
Sutter183712
San Benito143715
El Dorado13174
Yuba129310
Mendocino112721
Tehama8728
Lassen7661
Lake69615
Glenn6573
Nevada6088
Humboldt5629
Colusa5506
Calaveras34218
Amador32816
Tuolumne2694
Inyo22715
Siskiyou1930
Mono1802
Del Norte1781
Mariposa782
Plumas680
Modoc290
Trinity250
Sierra60
Alpine30
Unassigned00
Medford
Clear
34° wxIcon
Hi: 67° Lo: 32°
Feels Like: 34°
Brookings
Clear
58° wxIcon
Hi: 71° Lo: 53°
Feels Like: 58°
Crater Lake
Clear
18° wxIcon
Hi: 56° Lo: 27°
Feels Like: 11°
Grants Pass
Clear
30° wxIcon
Hi: 67° Lo: 32°
Feels Like: 30°
Klamath Falls
Clear
18° wxIcon
Hi: 55° Lo: 22°
Feels Like: 11°
Critical fire danger today
KDRV Radar
KDRV Fire Danger
KDRV Weather Cam

Community Events