Chrome Extensions With Hidden Spyware Were Downloaded 32 Million Times

By Bill Galluccio

June 18, 2020

A team of security researchers uncovered a massive spyware campaign that was using Google Chrome extensions to steal users' browser history and access credentials for internal business tools. Researchers at Awake Security told Reuters that the malicious extensions had been downloaded over 32 million times.

Most of the extensions were designed to warn users about questionable websites, while a few were made to convert files from one type to another. While the extensions seemed to work fine on the surface, they were secretly transmitting users' data to third-party servers.

Google said that they removed about 70 extensions from their store after they learned about the spyware campaign.

"When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses," Google spokesman Scott Westover told Reuters.

Awake Security was not able to track those responsible for creating the spyware-infested extensions. They found that around 15,000 domains were all purchased from Galcomm, a small registrar in Israel. Galcomm owner Moshe Fogel denied having any involvement with the spyware campaign and said he was cooperating with the investigation.

Photo: Getty Images

Advertise With Us
Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

Explore

iHeart

Live Radio

Podcasts

Artist Radio

Exclusives

News

Features

Events

Contests

Photos

Information

About

Advertise

Blog

Brand Guidelines

Contest Guidelines

Subscription Offers

Jobs

Get the App

Automotive

Home

Mobile

Wearables

© 2025 iHeartMedia, Inc.