Have you heard that Google has removed scores of malicious and fake Chrome extensions being used in a global eavesdropping campaign?
The threat was spotted by Awake Security, which detected 111 of the malicious extensions over the past three months. When it notified Google of the issue last month, it claimed that 79 were present in the Chrome Web Store, where they had been downloaded nearly 33 million times.
Figures for the others not in the official marketplace are hard to calculate for obvious reasons.
“These extensions can take screenshots, read the clipboard, harvest credential tokens stored in cookies or parameters, grab user keystrokes (like passwords), etc,” it said in a report detailing the investigation.