MOUNTAIN See ( SF / CNN) — Google Chrome extensions downloaded much more than 32 million instances had been employed to spy on the well-liked browser’s end users in a large worldwide surveillance campaign, in accordance to a new report.

The report, from cybersecurity company Awake Protection, located at least 111 “malicious or fake” Chrome extensions capable of taking screenshots, stealing login credentials and capturing passwords as end users typed them. The campaign impacted a broad array of sectors such as monetary companies, healthcare and government organizations, it additional.

Extensions make it possible for end users to include functions and abilities to their browsers, this kind of as a not too long ago well-liked a single that enables a number of laptops to stream Netflix shows simultaneously and one more from Google that lets users flag suspicious sites.

But the new report highlights the possible for fraudulent extensions to do harm and compromise a broad assortment of programs.

“The actors behind these activities have established a persistent foothold in almost every network,” researchers at Awake explained.

Google confirmed that all the browser extensions flagged by Awake have considering that been eliminated.

“We appreciate the work of the research community, and when we are alerted of extensions … that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesperson Scott Westover explained in a statement offered to CNN Enterprise. “We do regular sweeps to find extensions using similar techniques, code, and behaviors, and take down those extensions if they violate our policies.”

Awake linked all the extensions related with the spying campaign back to Galcomm, an Israeli internet internet hosting corporation that claims to handle all around 250,000 browser domains.

“By exploiting the trust placed in it as a domain registrar, Galcomm has enabled malicious activity that has been found across more than a hundred networks we’ve examined,” Awake researchers explained in the report, including that they located much more than 15,000 Galcomm domains that had been “malicious or suspicious.”

Galcomm did not promptly react to a request for comment from CNN Enterprise, but the company’s proprietor denied wrongdoing in a statement to Reuters, which initial reported on Awake’s findings.

“Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Moshe Fogel advised Reuters. Google did not comment on Galcomm’s purpose in the campaign.

Google Chrome extensions have been linked to cyberattacks in the previous, such as as not too long ago as February this 12 months. The corporation has taken numerous methods to increase the browser’s privacy and safety protections, Westover explained.

“In addition to disabling the accounts of developers that violate our policies, we also flag certain malicious patterns we detect in order to prevent extensions from returning,” he additional.

© Copyright 2020 Broadcasting Inc. All Rights Reserved. This materials may possibly not be published, broadcast, rewritten. CNN contributed to this report.