The reason why the Chrome browser is so popular among users and is the browser with the highest actual share today is that in addition to its excellent performance, its rich plug-in extensions bring great convenience to users.

However, security company Awake recently reported that 111 malicious or fake Chrome plug-ins have serious problems such as taking screenshots without permission, reading the clipboard, stealing credentials, and monitoring keystrokes.

After Awake reported these extensions to Google, Google took immediate action and removed these problematic plug-ins.

However, Awake said that these plug-ins have been downloaded more than 32 million times, making this the largest malicious campaign against Chrome users.

Awake said in the official blog post: "So far, these malicious extensions have been downloaded at least 32962951 times, and this is only the download statistics from the Chrome Web Store in May 2020. And some extensions have been downloaded more than 10 million times.”

While it's unclear who is behind this massive campaign and how many users were affected, the domain used by the attackers is from a company based in Israel.

Awake said: "Of the 26,079 accessible domain names registered through GalComm, 15,160 domain names, or nearly 60% of the domain names, are malicious or suspicious: through various evasion techniques, these domain names have avoided being solved by most security solutions The plan was to label the activity as malicious so that the activity would go unnoticed."