Malicious Chrome extensions lead to data theft
Google Chrome Extensions and Communigal Communication Ltd. (Galcomm) domains have been exploited in a campaign that aims to track users' activities and data. In the past three months, Awake Security had found 111 malicious or fake Chrome Extensions using Galcomm domains as Command & Control (C&C) infrastructure. There have been at least 32 million downloads of these malicious extensions. The campaign used nearly 15.160 Galcomm registered domains to host malware and browser-based monitoring tools. That is almost 60% of the domains that can be reached with this registrar. Galcomm affirms that it is not involved. The attacks successfully avoided ...