Google has today removed 106 Google Chrome Extensions from the Chrome Web Store for collecting sensitive personal user information.
These extensions collect data from the user and then send it to other servers which alerted some cybersecurity researchers.
These extensions that got removed from the Chrome web store could read your clipboard history, gain access to authentication tokens, look at passwords, and even take screenshots without the user’s permission.
It was originally found by a group of cybersecurity researchers ar Awake Security. The cybersecurity firm found 111 chrome extensions that were found to be malware collecting data from the end-user.
Soon the company contacted Google regarding the same and then Google removed 106 out of 111 reported extensions today. As per Awake cyber-security firm, the aforementioned 111 chrome extensions were downloaded nearly 33 million times.
The extensions that were found collecting user information claimed to provide services like file and document converting. PDF Opener, etc.
It is believed that all extensions that the company found are created by a single person as there exists some sort of links between them.
Firstly, all the extensions were found sending data to domains registered under the same domain registrar. Furthermore, the UI elements, codes, descriptions, and even version numbers were similar in majority of extensions. The extensions were sending data to domains registered through the GalComm domain registrar.
As the extensions are removed by Google from the Chrome web store, all the extensions will automatically get deactivated on the user’s browser who has installed it. Upon visiting the Extension pages, users will be notified about the malware and they could find some alternative to the extensions they were using.
Users could visit chrome://extensions page to see if they have installed any of these 106 removed extensions. If found, users could remove them with a single click.