Google has removed 70 Chrome extensions accused of spying on users and collecting confidential information. Here’s what they are
Some 70 extensions disappeared from the Chrome Store and 32 million downloads they had reached before Google, after a report by Awake Security, realized they contained spyware. This is, given the numbers, the biggest malware campaign ever on the Chrome Store.
Once again, then, Google has missed the mark by letting dangerous extensions go undisturbed that were then installed en masse by Chrome users. Which, we remind you, is the most used browser in the world. The news was reported by Reuters, which also contacted Google for comment. The answer of Google, however, has been very vague, while the Israeli company Galcomm has rejected every accusation and would seem to be the recipient of the huge amount of data collected from the 70 extensions removed. Apparently the spying mechanism put in place by these Chrome extensions was calibrated to work only on PCs of private users and not even within a corporate network. Most of the discovered extensions, all of which were free, were officially used to warn users of dangerous websites or to convert files from one format to another. In reality, however, they proceeded to read browser history and a lot of other personal information and transmit it to remote servers. It is unclear who was behind these extensions: Awake said that the developers provided false contact information when they sent the extensions to Google for approval. And Google didn’t check.
Who’s behind these extensions?
The 70 dangerous extensions transmitted user data to more than 15,000 interlinked Web domains, all owned by an Israeli company, Galcomm. Galcomm’s owner, Moshe Fogel, told Reuters that his company had done nothing wrong: “Galcomm is not involved, and is not complicit in any malicious activity. On the contrary, we cooperate with law enforcement and security bodies to prevent such incidents as much as possible.”
What Google Says
“We regularly clean up to look for dangerous extensions that use similar techniques, code, or dangerous behavior,” said a Google spokesperson. However, back in 2018, Google said it would also improve Chrome Store security by increasing checks on extensions by live auditors, as well as through automated systems. But still in February 2020, independent researcher Jamila Kaya uncovered as many as 500 dangerous extensions that were downloaded by more than 1.7 million Chrome browser users.