Massive Spying Operation Targeting Millions Of Google Chrome Users Tied to Israeli FirmChris Menahan
Jun. 18, 2020
Chick-Fil-A CEO Gets On His Knees, Shines Rapper's Shoes, Says White Christians Must 'Repent' For 'Shame' of Racism
Kim Gardner's Revenge: McCloskeys Hit With Search Warrant, Cops Seize Rifle Used to Defend Against Mob
Chicago: 'Black Lives Matter' Mural Painted Over to Read 'All Lives Matter'
Harvard Grad Claira Janover Never Had A Job At Deloitte But Is Set to Cash In On GoFundMe For Being 'Fired'
Detroit: 20-Yr-Old Black Supremacist Films Himself Beating Up Elderly Nursing Home Patients
A massive spying operation deemed "the most far-reaching malicious Chrome store campaign to date" targeting millions of Google Chrome users has been linked to an Israeli firm, according to a report from researchers at Awake Security.
From Reuters, "Exclusive: Massive spying on users of Google's Chrome shows new security weakness":
A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google's market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the tech industry's failure to protect browsers as they are used more for email, payroll and other sensitive functions.Here is Awake's full report and a text list of 111 malicious extension IDs.
Here's what some of the malicious software and websites looked like:
Though ICANN regularly shuts down websites for using false registration information for opsec reasons, GalComm was allowed to skirt all the rules, according to Awake.
"Throughout our research, we uncovered domains used for hosting malicious Chrome extensions, exfiltrating data, command and control, etc. All of these domains had something in common: they were all registered through a particular registrar: GalComm or Gal Communication (CommuniGal) Ltd (as shown in WHOIS). In fact, in 2019 , our threat researchers noticed that GalComm was becoming a common thread in our interactions with our customers. Since then, our analysis shows that almost 60% of the domains we have observed registered with this registrar are high risk for organizations," Awake reported.
"[O]ur investigation found the United States Food and Drug Administration’s Office of Regulatory Affairs Health Fraud Branch (HFB) filed an abuse complaint in 2019 against GalComm for a website selling non-FDA approved abortion pills Mifepristone and Misoprostol to US consumers. While this specific complaint is not believed to be tied to nefarious activities included in this report, datapoints like this help paint a picture about the type of registrants (end users) seeking GalComm," Awake said.
The Jerusalem Post reported Wednesday that another Israeli firm, GlobeKeeper, is in talks to partner with multiple US states for a "contact tracing" spy app, despite privacy concerns.
Politico reported in September 2019 that the US government concluded that Israel appears to have placed stingray cell phone spying devices near the White House and throughout Washington DC to spy on the president and congress.
"[T]here were no consequences for Israel's behavior," Politico said, citing a former White House official.
Even though the US economy is imploding and the country is potentially on the brink of a civil war, the US congress is moving quietly and swiftly to give Israel a minimum of $38 billion in military aid.
Follow InformationLiberation on Twitter, Facebook, Gab and Minds.