Internet users need to be extra careful while downloading extensions for Google Chrome as a statement from government’s security agency has revealed that over 100 malicious links have been removed by the platform after they were found collecting "sensitive" user data. The Computer Emergency Response Team of India (CERT-In), the national technology arm to combat cyber-attacks and guard the Indian cyber space, said it has also been found that these extensions contained code to bypass Google Chrome's web store security scans.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

The agency further said that these malicious extensions had the ability to take screenshots, read the clipboard, harvest authentication cookies or grab user keystrokes to read passwords and other confidential information.

"It has been reported that Google has removed 106 extensions of the Google Chrome browser from the chrome web store which were found collecting sensitive user data," the agency said in the advisory.

"These extensions, reportedly posed as tools to improve web searches, convert files between different formats as security scanners and more," it added.

WATCH Zee Business TV LIVE Streaming Online -

The federal cyber security agency has also suggested users to uninstall Google Chrome extensions.  Users can visit the chrome extensions page and subsequently enable developer mode to see if they have installed any of the malicious extensions and then remove them from their browsers, it said.

The agency advised Internet users to only install extensions which are absolutely needed and refer user reviews before doing so. They should uninstall extensions which are not in use, it said, adding that users should not install extensions from unverified sources.

Last week, researchers at Awake Security said that a Google Chrome spyware extension, which have been downloaded more than 32 million times. They claimed that this is tech industry's failure to protect browsers as they are used more for email, payroll and other sensitive functions. 

Alphabet's Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.