Malicious extensions on Chrome browser enjoyed over 32m downloads
Security researchers have unearthed a "global surveillance campaign" that has been using malicious extensions to take screenshots, steal credentials, and capture user keystrokes on the Chrome web browser.
Researchers at Awake Security recently stumbled upon an Internet Domain Registrar named CommuniGal Communication Ltd. (GalComm) that was being used to set up tens of thousands of registered domains, most of which were malicious or suspicious.
The researchers found that of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, were malicious or suspicious and hosted a variety of traditional malware and browser-based surveillance tools. These domains avoided being labeled as malicious by most security solutions thanks to a variety of evasion techniques and infected hundreds of networks without getting noticed.
They also found as many as...