Categories: NewsTech

PSA: If you’re using these extensions in Chrome, delete them now!

A new report from cybersecurity firm Awake Security has revealed a “massive, criminal surveillance campaign” that works via Google Chrome extensions. The attacks have been traced to a single Internet Domain Registrar: CommuniGal Communication Ltd (GalComm).

Over 60 percent of GalComm’s owned web domains are affected, with malware and browser-based surveillance tools hosted. What’s also worrying is that 111 malicious extensions for popular browser Google Chrome utilise GalComm domains—these reportedly have the capabilities to take screenshots, read the clipboard, steal information from cookies and parameters, and even log keystrokes on victims’ devices.

The report also says that 32,962,951 downloads of these extensions have already been made via the Chrome Web Store, and that number could be even higher if you take into account those that have been installed manually.

“After analysing more than 100 networks across financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals, retail, high-tech, higher education and government organisations, Awake discovered that the actors behind these activities have established a persistent foothold in almost every network.”

What extensions do I need to delete?

Awake Security shared a full list of IDs of the Chrome extensions you should download here. That list has been cleaned up (duplicates, errors) by the folks over at Life Hacker as per below:

  • browse-safer
  • browsing-protector
  • browsing-safety-checker
  • bytefence-secure-browsing
  • convertwordtopdf
  • doctopdf
  • easyconvert
  • easyconvertdefault-search
  • gofiletopdf
  • mydocstopdf
  • pdf2doc
  • pdf-ninja-converter
  • pdf-opener
  • quicklogin
  • quickmail
  • search-by-convertfilenow
  • search-by-convertpdfpro
  • search-manager
  • secured-search-extension
  • secure-web-searching
  • securify-for-chrome
  • thedocpdfconverter
  • theeasywaypro
  • thesecuredweb-protected-b
  • ttab
  • viewpdf

To remove the offending extensions, open your Google Chrome browser, and click on Window > Extensions.

The extensions that were available on the Chrome Web Store have since been removed by Google thanks to Awake Security’s report, although any sideloaded (manually installed from other sources) versions could still be out there, infecting more machines.

To stay safe from malware campaigns such as these, it’s important to only download anything from trusted sources. While it’s worrying that the malicious extensions even made it onto Google’s official store, a good piece of advice is to stick to extension publishers that you trust.

You can also do a quick Google Search for publishers to confirm their authenticity. In the Chrome store, you can also choose to filter extensions so that only those that are “By Google” are displayed. Meanwhile, do keep an eye out for any permission requests, and delete extensions that prompt you for suspicious permissions such as reading your clipboard.

To read Awake Security’s full report, click here.

[ SOURCE , VIA ]

Recent Posts

Malaysia Airlines’ new A330neo grounded temporarily due to production issues

Malaysia Airlines has temporarily grounded its brand new Airbus A330neo after completing four commercial flights.…

20 hours ago

Proton e.MAS 7: Here’s how much it cost to maintain this EV

Pro-Net recently revealed that you only need to service the new Proton e.MAS 7 EV…

3 days ago

Proton e.MAS 7: How much does it cost to replace the tyres?

The Proton e.MAS 7 is one of the most value for money SUVs at the…

3 days ago

Samsung to launch its new AI-powered home appliances with improved ecosystem integration at CES 2025

Samsung has announced that it will be holding its press conference titled "AI for All:…

3 days ago

SoyaCincau Awards 2024: The Best Phones of the Year

Modern smartphones are very capable computing devices, thanks to powerful hardware trickling down the price…

3 days ago

CelcomDigi offers 5G Home WiFi at RM69/month for Postpaid customers

If you're a CelcomDigi Postpaid 5G customer and can't get fibre broadband for your home,…

3 days ago

This website uses cookies.