Google removes over 100 Chrome extensions

Google removes over 100 Chrome extensions

Anam.Ajmal@timesgroup.com

New Delhi:02.07.2020

Google has removed over 100 malicious Chrome extensions as they were found collecting sensitive data by taking screenshots of the user’s screen and harvesting keystrokes to read passwords and other confidential information.

According to an advisory issued by India’s Computer Emergency Response Team (CERT-In) last week, these malicious extensions posed as "tools to improve web searches, convert files between different formats, as security scanners, and more."

An extension is a small software that helps users in customizing a web browser. They can be used for several purposes, including blocking cookies, playing games and creating shortcuts.

CERT-In added that these extensions bypassed Google Chrome Web Store security scans, and had the "ability to take screenshots, read the clipboard, harvest authentication cookies or grab keystrokes to read passwords and other confidential information."

"Your browser history contains sensitive information and even when we are not using the web extension, they can still keep a track of our web activity. They can then collect data and misuse it," said cyber security expert Rakshit Tandon.

He added that one of the ways to eliminate this cyber threat is to not add third party extensions at all. "General public may not understand what is harmful for them. So, we advise people not to install any extension on their computer. Even if users install them, they should do it only after studying its reviews," Tandon added.