Google has removed 106 malicious Chrome extensions that have been caught collecting sensitive user data.
The 106 extensions are part of a batch of 111 Chrome extensions that have been identified as malicious in a report published today by cyber-security firm Awake Security.
Awake says these extensions posed as tools to improve web searches, convert files between different formats, as security scanners, and more.
But in reality, Awake says the extensions contained code to bypass Google’s Chrome Web Store security scans, take screenshots, read the clipboard, harvest authentication cookies, or grab user keystrokes (such as passwords).