Cybersecurity researchers in Awake Security firms have claimed that the removed malicious Google Chrome extensions are still a threat. The researchers claim that the extension has stolen sensitive data from users and has been downloaded over 33 million times.
The over 100 browser extension has stolen corporate data alongside much sensitive information the researchers claim. Awake security claimed in a blog post that their research reveals to them that the criminal act is being carried out by just one Internet Domain Registrar: CommuniGal Communication Ltd. (GalComm).
They said further in the blog post that the removed malicious Google Chrome extension has been downloaded over 32 million times. The extensions were available last on the Chrome web store last month.
Removed malicious Google chrome extensions can access emails
The removed malicious Google chrome extension when they are downloaded into users’ gadgets, convert files to PDFs, and from this file, format to switch between Bing, Google, and Yahoo when opening a new tab and also access emails by clicking the extensions.
Awake security researchers found out that these criminals are deep-rooted in every network after they analyzed over 100 corporate networks in different industries. These malicious extensions are, however, not new as they have been used in the past to steal crypto data.
Malicious extensions can cause dire harm to users
Malicious Google Chrome extension causes much harm to individuals than good. A phishing attack caused the loss of 12 bitcoins (worth around $113,000) of Eric Savics, the host of Protocol Podcast weeks ago. The loss was relayed by Savics on Twitter which caught the attention of Binance CEO Changpeng Zhao who, in turn, committed to blacklist the receiving address. Funny thing, the Twitter account no longer exists.
He downloaded a malicious version of the KeepKey Bitcoin wallet app on his desktop, similar to the removed malicious Google Chrome extension. The extension drained his entire life’s savings after he entered the recovery phase.
Cryptopolitan reported only a few weeks ago about how Google removed another batch (22)of malicious extension that impersonates popular crypto wallets and steals user’s crypto coins. Reportedly, before then, Google removed 49 similar extensions.