Avast Blog – 6.29.20 (6.26.20)
Security researchers have discovered what they believe to be a global surveillance campaign whereby attackers were using malicious Google Chrome browser extensions to steal data and spy on over 100 networks. Threatpost reported that the researchers suspect millions of Chrome users were targeted across the industries of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals, and government organizations. The malicious extensions could surreptitiously take screenshots, log keystrokes, read the clipboard, and more. They were free and marketed as browser helpers that convert files or alert users when they land on a suspicious website. After reading the report, Google removed 106 browser extensions from the Chrome Web Store.