![]() “Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage, as well as organized crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security. Awake said the developers supplied fake contact information when they submitted the extensions to Google. ![]() It is unclear who was behind the effort to distribute the malware. ![]() Google declined to discuss how the latest spyware compared with prior campaigns, the breadth of the damage, or why it did not detect and remove the bad extensions on its own despite past promises to supervise offerings more closely. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.īased on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake cofounder and chief scientist Gary Golomb. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesperson Scott Westover told Reuters.
0 Comments
Leave a Reply. |