Google has removed from the official Chrome Web store more than 70 add-ons, which tracked the Internet activity of users. The sweep was conducted after the threat has notified cybersastra Awake Security firm last month.
According to experts, expansion-malware was downloaded a total of more than 32 million times. By number of downloads this malicious campaign has been hailed as the biggest in the history of the Chrome browser. About it reports Reuters with reference to representatives of Security Awake.
the vast majority of the remote plugin was designed to convert files from one format to another, and also to alert the users about the transition to questionable sites. In fact, “bad” was the additions that have pumped the history and the credentials to access the tools inside enterprise networks.
Who spread malicious extension is unknown. According to Awake Security, the attackers have provided false contact information when applying for the inclusion of add-ons in the Chrome Web Store.
the malware was designed in such a way that they couldn’t catch antivirus. To remain unnoticed, hiding plug-ins for more than 15 thousands of domains, was a small Israeli company Galcomm (CommuniGal Communication). In Galcomm his involvement in the attack and deny.
Why Google are not able to detect complement-malware, the company did not specify. “When we are warned about the presence of extensions, break the rules, we take action and use these incidents as teaching material to improve our system of automatic and manual analysis,” said the Agency in the press service of Google.