Google has removed over 500 malicious Chrome extensions from its Web Store following an investigation by a security researcher and Cisco’s Duo Security.
After a two-month investigation, security researcher Jamila Kaya, in collaboration with Cisco’s Duo Security team, identified hundreds of extensions active on hundreds of thousands of Chrome installations that are injecting malicious ads within browsing sessions.
The extensions were part of a huge malware operation, active for at least two years or more, injecting conditionally-activated malicious code and redirecting users to specific sites. In many cases, the sites were actually legitimate, but some destinations were phishing pages, or pages containing malware.
According to the Duo Security report, the browser extension fraud network affected millions of users, and the group behind it was probably active since the early 2010s. To uncover it, independent security researcher Jamila Kaya used CRXcavator – an automated Chrome extension security assessment tool released by Cisco’s Duo Security engineers.
Google responded swiftly to the report and validated findings before fingerprinting the extensions that were identified.
This also allowed its teams to search the full Chrome Web Store and discover more than 500 related extensions.
“We appreciate the work of the research community, and when we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” said a Google spokesperson.
“We do regular sweeps to find extensions using similar techniques, code, and behaviors, and take down those extensions if they violate our policies.”
You might also like
More from Google
Google Product Studio Lets Merchants Create Product Imagery With Generative AI
Google is launching Product Studio, a new tool that lets merchants create product imagery for free, using generative AI. Google Product …
Google Will Delete Accounts That Have Been Inactive For Two Years
Google said it plans to delete account that have not accessed any of its services for two years, as part …
Google I/O Keynote Round-Up: All-In On AI
During its I/O keynote, Google showed off its latest advances in AI, across search, photo editor and Bard, its own …
Gmail Is Getting Blue Verified Checkmarks Too
A blue checkmark on Gmail means companies have successfully verified their identity through BIMI, showing they are a legitimate sender. It …
No More Passwords, Google Is Rolling Out Passkeys Globally
You no longer require a password to sign in on to your Google account, with passkeys rolling out to all …
Tech Companies Are Teaming Up To Free Us From Passwords
Apple, Google, and Microsoft are committing to expanded support for the FIDO standard to bring a passwordless future.
You Can Now Create Custom Voices With Google Cloud Text-to-Speech API
Google Cloud has announced a new feature within its TTS API that lets users generate a unique, new synthetic voice …
Google Replaces Classic Hangouts With Chat On Workspace
On March 22, users attempting to access Google's Hangouts chat services will automatically be redirected to Google Chat instead.
Google Rolls Out New Search Filters To All Users On Drive
Almost two years after introducing search chips into Gmail, Google has now announced the rollout of supportive filters to Google …
