New Delhi -°C
Today in New Delhi, India

Jul 14, 2020-Tuesday
-°C

Humidity
-

Wind
-

Select Country
Select city
ADVERTISEMENT
Home / India News / Govt’s cyber security agency says over 100 malicious Chrome extension removed, asks users to be cautious

Govt’s cyber security agency says over 100 malicious Chrome extension removed, asks users to be cautious

The agency CERT-In advised Internet users to only install extensions which are absolutely needed and refer user reviews before doing so.

india Updated: Jul 01, 2020 13:24 IST
hindustantimes.com | Edited by: Amit Chaturvedi
hindustantimes.com | Edited by: Amit Chaturvedi
Hindustan Times, New Delhi
Google Chrome logo is seen near cyber code and words
Google Chrome logo is seen near cyber code and words "spy" in this illustration picture.(Reuters Photo)

The Computer Emergency Response Team of India (CERT-In) has advised internet users to exercise caution while installing Google Chrome extensions.

The company said that it removed over 100 malicious extensions after they were found collecting sensitive user data. CERT-In also said that it found these extensions contained code to bypass Google Chrome’s Web store security scans.

CERT-In comes under the Ministry of Electronics and Technology and deals with cyber security threats.

The malicious extensions had the ability to take screenshots, read the clipboard, harvest authentication cookies or grab user keystrokes to read passwords and other confidential information, said the agency.

The agency advised Internet users to only install extensions which are absolutely needed and refer user reviews before doing so.

Last month, researchers had said that spyware effort attacked users through 32 million downloads of extensions to Google’s Chrome web browser. Google had said that it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers.

Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.

In January this year, Google had suspended all the commercial extensions in the wake of a significant increase in the number of fraudulent transactions that aim to exploit users.

Malicious developers have been using Google’s Chrome Store as a conduit for a long time.

ht epaper

Sign In to continue reading