As many as 32 million users of the web browser have secretly installed Google Chrome espionage software, news agency Reuters reports. The spying campaign of unprecedented scale came to light after research by cybersecurity officer Awake Security.
It involved software hidden in small programs that people can add to their web browsers. These ‘extensions’ were supposed to warn people against malicious websites or convert files. In the meantime, however, the spyware is hidden in the extension. It also went in search of browser data of the users and other information on the computer, which was then channeled away. Google reported that after Awake’s warning, more than seventy extensions were removed from its Chrome Store.
The information the spyware found was sent to 15,000 different addresses purchased from a small Israeli domain registration company. According to Awake, that company should have known what was going on there, but that is denied by the owner. The investigators couldn’t find out who was ultimately behind the operation.
Data from users on secure company networks would not have been stolen. According to Reuters, this case once again shows that tech companies are insufficiently able to protect browsers, while after an earlier incident, Google had already promised to do better.