The hare has been lifted by researchers of the society Awake Security. Last month, they have warned Google that its Chrome web browser was the target of a spying software affecting extensions (also called”plug-in”) available in its official store Chrome web. Supposed to warn users about security problems, or convert file formats, these extensions allowed hackers to collect your browsing history and data enabling access to the logon information of the user services.
see also : The crisis of the Covid-19 weakens computer security
According to Awake Security, the malware has spread through 32 million downloads of extensions, making the campaign the largest ever conducted to date in the shop of Chrome. Google said on Thursday it had removed more than 70 extensions affected. “When we were alerted of extensions in our ‘web store’ that violates our policy, we have taken measures and used these incidents as a training material to improve our automated scans and manual,” said Scott Westover, a spokesman for Google.
the authors of The attacks cannot be found
According to the researchers – and as often in the area of cyber security – it is impossible to know who is behind this attack, but “the authors have made a point of honor to muddy the waters” notes their report. To save more than 15,000 Internet domains, they are passed by an israeli company, Galcomm, by providing false contact information when they have submitted the extensions to Google.
Google gave no information on the extent of the damage, nor on the reasons for which it was not detected and deleted the extensions itself.
see also : The progress of the quantum jostle cyber security
The use of extensions are malicious to install programs that are all the same is not new and quite common. The extensions are often pointed the finger for the little protection they offer. Last February, a campaign Chrome similar had allowed it to steal data on approximately 1.7 million users. Yet, Google had indicated that it would improve safety by strengthening the supervision of the bid ex post, automated, by humans. “We regularly conduct sweeps to find extensions using techniques, codes, and similar behaviors,” said at the time Scott Westover, the spokesperson of Google. With Chrome, Google owns 60% of the browser market according to the firm Stat Counter.
The editorial team conseilleCovid-19: Apple and Google launch their solution traçageGoogle threatened a class-action five billion dollarsSujetsChromeCybersécuritéaucun comment
there are currently no comments on this article.
Be the first to give your opinion !
I write a comment