We’ve just learned that a popular and highly rated Google Chrome extension called Webpage Screenshot collects private information and sells it to third parties. The problem is that the extension has already been downloaded by over a million users so far.
Usually, Google is pretty good at filtering out malware-laden extensions, but this one used a particularly nasty ploy to evade Google’s defenses. Webpage Screenshot actually contains a “sleep function” to get around active malware defenses and activates a week after it has been downloaded.
Once activated, the spyware collects sensitive information and transmits it to a New York IP address: 18.104.22.168.
It is apparent that just because apps are available from a trusted source, in this case the Google Store, it doesn’t mean they are benign. Hackers play on trust to infect millions of users daily. Clearly, vendors must strengthen their detection methodology.
To learn more about this, click here to read Emsisoft’s article.
If you are an XSolutions client and have downloaded Webpage Screenshot from the Google Store, contact us immediately so we can remove it from your system. If you’re not an XSolutions’ client — perhaps you should be?
Have questions or concerns? Give us a call at (845) 362-9675.
XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, proactive workstation and server maintenance, Help Desk Services, Cloud & Hosted Services, Backup/Disaster Recovery, and Software Development. Call us at (845) 362-9675 and learn how we can help your company.