Google's Chrome Web store used to spread malware

Google Chrome logoCrooks have found a new venue to push malware: the official Google Chrome Web Store. It was recently used to hawk Chrome browser extensions secretly hijacking users' Facebook profiles.

According to Kaspersky Lab expert Fabio Assolini, one malicious extension hosted on Google's own servers contained hidden code that "can gain complete control" of the user's Facebook profile. The extension then used that access to spread malicious messages and register Facebook Likes for certain items, also inviting fellow users to install it. The same operators advertised a service that delivered Likes of companies looking to promote their profiles. It costs about $27 per 1,000 Likes.

The company distributing this malicious extension was unnamed in the report as was the specific app. Assolini said Google personnel removed the malicious extension shortly after Kaspersky reported it to them. "But we noted the bad guys behind this malicious scheme are uploading new extensions regularly, in a cat and mouse game," he warned. He didn't elaborate on the number of extensions or how long he's been observing them other than to say the malicious app Kaspersky discovered had 932 users.

Over the past few years, the openness of Google's Android Market has represented one of the more conspicuous ways its users are attacked. As the software equivalent of a Wikipedia-like bazaar to which anyone may contribute, it has repeatedly been seeded with applications that take liberties with end users' phones and data. Kaspersky's report suggests similar attacks are exploiting Google's Chrome Web Store.

"It is against the Chrome Web Store Content Policies to distribute malware," a Google spokesman wrote in an email. "When we detect items containing malware or learn of them through reports, we remove them from the Chrome Web Store and from active Chrome instances. We've already removed several of these extensions, and we are improving our automated systems to help detect them even faster."

Last month, Google unveiled a cloud-based service called Bouncer that scours the Android Market for malicious smartphone apps.

Source: Ars Technica

Tags: Chrome, Google

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


WAnto#10 0
Yep, I got one this morning. I am prttey good at spotting these scam emails, but not this one. I thought it was real. But when I clicked on the Follow this link nothing happened (perhaps because I am on a Mac or using Thunderbird) I knew. I immediately searched Google about a scam and found this site.People, be careful!
Reply 
WAnto#20 0
Yep, I got one this morning. I am prttey good at spotting these scam emails, but not this one. I thought it was real. But when I clicked on the Follow this link nothing happened (perhaps because I am on a Mac or using Thunderbird) I knew. I immediately searched Google about a scam and found this site.People, be careful!
Reply 
WAnto#30 0
Yep, I got one this morning. I am prttey good at spotting these scam emails, but not this one. I thought it was real. But when I clicked on the Follow this link nothing happened (perhaps because I am on a Mac or using Thunderbird) I knew. I immediately searched Google about a scam and found this site.People, be careful!
Reply 
PurlsOf#40 0
Ich habe schlechte Internet mit 16 ooo Geschwindigkeit, muss immer in jede Seite<a href="http://ezptdqri.com"> weartn</a>, teure Internet und ganz langsam, mit Zestf6rung, wegen schlechte Anbieter ich kann nicht mit Adsense und mit AdWords arbeiten.
Reply 
PurlsOf#50 0
Ich habe schlechte Internet mit 16 ooo Geschwindigkeit, muss immer in jede Seite<a href="http://ezptdqri.com"> weartn</a>, teure Internet und ganz langsam, mit Zestf6rung, wegen schlechte Anbieter ich kann nicht mit Adsense und mit AdWords arbeiten.
Reply 
PurlsOf#60 0
Ich habe schlechte Internet mit 16 ooo Geschwindigkeit, muss immer in jede Seite<a href="http://ezptdqri.com"> weartn</a>, teure Internet und ganz langsam, mit Zestf6rung, wegen schlechte Anbieter ich kann nicht mit Adsense und mit AdWords arbeiten.
Reply 
Dave#70 0
I think they're both equal, but obviously Chrome is the defualt browser inп»ї Android Jelly Bean. I'm surprised Google didn't make Chrome worse on iOS like they do with most apps, and like they did with Google Drive.. http://qvneryj.com [url=http://plixrjyya.com]plixrjyya[/url] flvnquv
Reply 
Dave#80 0
I think they're both equal, but obviously Chrome is the defualt browser inп»ї Android Jelly Bean. I'm surprised Google didn't make Chrome worse on iOS like they do with most apps, and like they did with Google Drive.. http://qvneryj.com [url=http://plixrjyya.com]plixrjyya[/url] flvnquv
Reply 
Dave#90 0
I think they're both equal, but obviously Chrome is the defualt browser inп»ї Android Jelly Bean. I'm surprised Google didn't make Chrome worse on iOS like they do with most apps, and like they did with Google Drive.. http://qvneryj.com [url=http://plixrjyya.com]plixrjyya[/url] flvnquv
Reply 

Last news

 
The smartwatch is reportedly being released alongside the Galaxy Note9 with some new tech on board
 
Not to be confused with a flip phone which separates the display from the hinge
 
The PCI-SIG has announced that PCIe 4.0 specification is finished
 
The report even mentions that AMD developed the Navi GPU architecture specifically
 
Intel has alreadt started production of XMM 7560 modem chips
 
The Galaxy Note 9 was previously expected to ship with a 3,850mAh battery
 
New update claimed to reduce system stability issues by 20%
 
The new silicon could let Intel design 20-core and 22-core SKUs for the X299 Express chipset
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
     12
3456789
10111213141516
17181920212223
24252627282930




Poll

Do you use microSD card with your phone?
or leave your own version in comments (10)