Researchers at Awake Security have published a report on malicious extensions in the Chrome web store, making both specific claims of over 32 million downloads of one malware family, and general claims of weak security in both domain registration and Google's store.
The researchers said they have been tracking a "massive global surveillance campaign that affects almost every enterprise we have investigated" linked to a specific Israel-based domain registrar called Communigal Communication Ltd (Galcomm).
The story begins with some heuristic malware detection by Awake, looking for things like signs of uploads going to rare or known bad destinations. This led them to a bunch of malicious browser extensions, 111 in total, which "were found to upload sensitive data or not perform the task they're advertised to perform (generally, they surveil user activity and device properties."
..
Support the originator by clicking the read the rest link below.
