News & Analysis

Using Google Chrome at Work? Your Data Could be at Risk

The battle of web browsers long got over with Google Chrome edging past the rest of the field though options do exist in the form of Firefox, Internet Explorer and Microsoft Edge continuing to hold fort against the all-pervasive Chrome. 

However, in case you happen to be using Google Chrome for your official work, there is reason to be concerned. India’s cyber-security agency has warned that some of its extensions were malicious in nature and were found to be extracting sensitive data from users. As many as 100 of these were also removed by the company. 

The Computer Emergency Response Team of India (CERT-IN), the organization set up to battle cyber-crime in general and cyber-attacks across Indian cyberspace, has issued a statement today that some of the Google extensions contained code to bypass its own web store security scans – a prerequisite for publishing apps on the Android platform.

These malicious bits of software could take screenshots, read data placed on clipboards and snoop around for authentication cookies that would ultimately help cyber criminals grab user keystrokes to read passwords and other confidential information, CERT-IN has said.  

The agency said in an advisory that while Google has reportedly removed 106 of these extensions from Google Chrome browser and the Chrome Web Store, there could still be many more of a similar nature that might harm the users. “These extensions, reportedly posted as tools to improve Web searches, convert files between different formats, and as security scanners,” the statement said.  

So, what should users of Chrome browser do? Quite simply they said that it could be a good idea to uninstall all Google Chrome extensions that are available in the organizational chart section. Users should visit the Chrome extensions page and enable developer mode to check if they have installed any of the malicious extensions. And, in case they have, these should be removed immediately from the browsers and then engineer a system restart. 

CERT-IN said internet users must keep in mind these challenges and henceforth install only those extensions that are absolutely necessary and take the additional precaution of reading user reviews before doing so. In case they find some extensions that are never in use, these should immediately be uninstalled. 

Image Source: computerworld.com

Leave a Response