Cyber

Malicious Chrome Extensions Downloaded Millions of Times

06.24.2020

Google has deleted scores of fake and malicious Chrome extensions used in a devastating global eavesdropping effort. Identified by Awake Security, the threat was found in 111 of malicious extensions over the last three months. The company immediately notified Google of the extensions last month, noting that 79 of these extensions were in the Chrome Web Store, where they were downloaded by users over 33 million times.

These malicious extensions are able to take screenshots, read the clipboard, gather credential tokens in parameters or cookies, take user keystrokes like passwords, etc. Those behind the evil campaign evade enterprise security proxies, AV, and other cyber-security defenses.

“After analyzing more than 100 networks across financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals, retail, high-tech, higher education and government organizations, Awake discovered that the actors behind these activities have established a persistent foothold in almost every single network.” stated the security company.

At Colonial Surety Company, we never want your company to be unprepared in the event a cyber-breach occurs. That’s why we have Cyber Liability Insurance for plan sponsors! Cyber Liability Insurance covers fiduciaries in the event of a claim or breach and protects the employee benefit plan in full. Our Cyber Liability Insurance only comes in our two-to-three year ERISA bond packages, which include ERISA coverageFiduciary Liability Insurance, and Cyber Liability Insurance, to give you the best value of coverage you can’t get anywhere else! Click here to get the coverage your company and its employees deserve.