bodyType

customContents

entityId

printArticlePageQuery

filter

article

body

urlAlias

articleSectionsContent

articleSeoArticle

articleSourceHeaderArticle

contentSchemaRenderContent

contentSubHeadlineContent

contentHeadlineContent

mainImagePrintArticleArticle

authorBlockPrintArticleArticle

contentSponsorTagContent

articlePianoPaywallContent

scmpYoutubeContent

hooksTrackPageViewArticle

query printArticlePageQuery(
  $entityId: String!
  $customContents: [CustomContentInput]
  $bodyType: BodyFormatTypeEnum
) {
  article(filter: {entityId: $entityId}) {
    entityId
    body(customContents: $customContents, type: $bodyType) {
      json
    }
    urlAlias
    ...articleSectionsContent
    ...articleSeoArticle_3o8td4
    ...articleSourceHeaderArticle
    ...contentSchemaRenderContent
    ...contentSubHeadlineContent
    ...contentHeadlineContent
    ...mainImagePrintArticleArticle
    ...authorBlockPrintArticleArticle
    ...contentSponsorTagContent
    ...articlePianoPaywallContent
    ...scmpYoutubeContent
    ...hooksTrackPageViewArticle
    id
  }
}

fragment articlePianoPaywallContent on Content {
  __isContent: __typename
  ...hooksPaywallPromiseContent
}

fragment articleSectionsContent on Content {
  __isContent: __typename
  sections {
    value {
      ...helpersCheckIfNewsSectionInFirstIndexSection
      ...entityLink
      name
      id
    }
  }
}

fragment articleSeoArticle_3o8td4 on Article {
  ...hooksArticleSeoArticle
  ...helpersCheckIsPostiesArticle
  ...helpersGetArticleTypeArticle
  entityId
  publishedDate
  updatedDate
  summary {
    text
  }
  subHeadline {
    text
  }
  body(customContents: $customContents, type: $bodyType) {
    text
  }
  keywords
  sections {
    value {
      name
      id
    }
  }
  topics {
    name
    entityId
    id
  }
  urlAlias
  authors {
    name
    id
  }
  images {
    style(filter: {style: "768x768"}) {
      url
    }
  }
  readingTime
}

fragment articleSourceHeaderArticle on Article {
  urlAlias
  ...entityLink
}

fragment authorBlockPrintArticleArticle on Article {
  ...defaultArticleDateContent
  ...authorNamesArticle
}

fragment authorNameAuthor on Author {
  ...entityLink
  name
  entityUuid
}

fragment authorNamesArticle on Article {
  authorLocations
  authors {
    entityId
    location
    ...authorNameAuthor
    id
  }
}

fragment blockquoteQuoteContent on Content {
  __isContent: __typename
  ...contentShareWidgetContent
}

fragment checkersCheckContentContainsStarlingImageContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment contentHeadlineContent on Content {
  __isContent: __typename
  headline
  socialHeadline
  ...contentHeadlineTagContent
  ...helpersUseContentSponsorContent
}

fragment contentHeadlineTagContent on Content {
  __isContent: __typename
  ...hooksContentHeadlineTagContent
}

fragment contentNewsletterWidgetContent on Content {
  __isContent: __typename
  topics {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
    id
  }
  sections {
    value {
      relatedNewsletters {
        ...helpersMassageToNewsletterItemNewsletter
        id
      }
      id
    }
  }
  ... on Article {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
  }
}

fragment contentSchemaRenderContent on Content {
  __isContent: __typename
  ...blockquoteQuoteContent
  ...imageContent
  ...inlineWidgetContent
  ...photoGalleryWidgetContent
  ...scmpYoutubeContent
}

fragment contentShareWidgetContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  shortUrl
  socialHeadline
  headline
}

fragment contentSponsorTagContent on Content {
  __isContent: __typename
  ...helpersUseContentSponsorContent
}

fragment contentSubHeadlineContent on Content {
  __isContent: __typename
  subHeadline {
    json
  }
  summary {
    json
  }
  ...contentSchemaRenderContent
}

fragment defaultArticleDateContent on Content {
  __isContent: __typename
  ...hooksArticleDateUtilsContent
}

fragment entityLink on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  __typename
  entityId
  entityUuid
  urlAlias
  urlRedirect {
    toUrl
    id
  }
  application {
    entityId
    id
  }
  ... on Section {
    fullSectionPath {
      entityId
      id
    }
    parentSection
  }
  ...helpersAppBarVariantBase
  ...helpersApplicationBase
  ...helpersCheckIsPlusArticle
  ...helpersStyleSectionContent
}

fragment helpersAppBarVariantBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsLiveArticle
  ...helpersCheckIsPlusPage
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...helpersSectionContent
  ...helpersStyleSectionContent
}

fragment helpersApplicationBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPlusPage
}

fragment helpersCheckIfNewsSectionInFirstIndexSection on Section {
  name
}

fragment helpersCheckIsAmpEnabledArticle on Article {
  entityId
  types {
    value {
      entityId
      id
    }
  }
  sections {
    value {
      entityId
      id
    }
  }
  disableOffPlatformContent
  sponsorType
  published
  ...helpersCheckIsPlusArticle
  ...helpersCheckIsPostiesArticle
}

fragment helpersCheckIsLiveArticle on Article {
  flattenTypeIds
  liveArticle {
    status
    id
  }
}

fragment helpersCheckIsMainTopicContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment helpersCheckIsPlusArticle on Content {
  __isContent: __typename
  ... on Article {
    paywallTypes {
      entityUuid
      id
    }
  }
}

fragment helpersCheckIsPlusPage on Page {
  urlAlias
}

fragment helpersCheckIsPostMagazineArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesPage on Page {
  urlAlias
}

fragment helpersCheckIsStyleArticle on Content {
  __isContent: __typename
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersGetArticleTypeArticle on Content {
  __isContent: __typename
  ... on Article {
    types {
      value {
        entityId
        id
      }
    }
  }
}

fragment helpersMassageToNewsletterItemNewsletter on Newsletter {
  entityId
  name
  alternativeName
  description {
    text
  }
  summary {
    text
  }
  homepageDescription {
    text
  }
}

fragment helpersSanitizeArticleTypeEntityIdsArticle on Article {
  types {
    value {
      entityId
      id
    }
  }
}

fragment helpersSanitizeAuthorTypesArticle on Article {
  authors {
    types
    id
  }
}

fragment helpersSanitizedAuthorEntityIdsArticle on Article {
  authors {
    entityId
    id
  }
}

fragment helpersSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersStyleSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersUseContentSponsorContent on Content {
  __isContent: __typename
  topics {
    entityId
    sponsor {
      ...sponsorTagSponsor
      name
      type
      id
    }
    id
  }
  ... on Article {
    sponsorType
  }
  ...helpersCheckIsMainTopicContent
}

fragment hooksArticleDateUtilsContent on Content {
  __isContent: __typename
  createdDate
  publishedDate
  updatedDate
}

fragment hooksArticleSeoArticle on Article {
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...hooksContentHeadlineTagContent
  ...helpersCheckIsAmpEnabledArticle
  entityId
  headline
  socialHeadline
  types {
    value {
      entityId
      id
    }
  }
  authors {
    entityId
    id
  }
  images {
    generic_og: style(filter: {style: "og_image_scmp_generic"}) {
      url
    }
    styles(filter: {styles: ["og_image_posties_article", "og_postmag", "og_image_style", "og_image_scmp_analysis", "og_image_scmp_explainer", "og_image_scmp_editorial", "og_image_scmp_fact_check", "og_image_scmp_debate", "og_image_scmp_live", "og_image_scmp_obituary", "og_image_scmp_opinion", "og_image_scmp_review", "og_image_scmp_series", "og_image_scmp_generic"]}) {
      url
      style
    }
    type
  }
  urlAlias
}

fragment hooksContentHeadlineTagContent on Content {
  __isContent: __typename
  __typename
  ... on Article {
    types {
      value {
        name
        entityId
        description {
          text
        }
        id
      }
    }
    ...helpersCheckIsStyleArticle
  }
  flag
  sections {
    value {
      name
      id
    }
  }
  ...hooksContentHelperContent
}

fragment hooksContentHelperContent on Content {
  __isContent: __typename
  ...helpersSanitizeArticleTypeEntityIdsArticle
  ...helpersSanitizeAuthorTypesArticle
  ...helpersSanitizedAuthorEntityIdsArticle
  flag
}

fragment hooksPaywallPromiseContent on Content {
  __isContent: __typename
  entityId
  ...helpersCheckIsPostiesArticle
}

fragment hooksTrackPageViewArticle on Article {
  entityId
  publishedDate
  headline
  sections {
    value {
      name
      id
    }
  }
  urlAlias
  authors {
    name
    id
  }
  entityUuid
}

fragment imageContent on Content {
  __isContent: __typename
  headline
  ...checkersCheckContentContainsStarlingImageContent
}

fragment inlineWidgetContent on Content {
  __isContent: __typename
  ...contentNewsletterWidgetContent
}

fragment mainImagePrintArticleArticle on Article {
  images {
    title
    url
    isSlideshow
    size_652x446: style(filter: {style: "652x446"}) {
      url
    }
  }
}

fragment photoGalleryDialogContent on Content {
  __isContent: __typename
  __typename
  ...contentShareWidgetContent
}

fragment photoGalleryWidgetContent on Content {
  __isContent: __typename
  ...photoGalleryDialogContent
}

fragment scmpYoutubeContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  publishedDate
}

fragment sponsorTagSponsor on Sponsor {
  name
  type
  images {
    url
  }
}


sections

types

disableOffPlatformContent

sponsorType

published

headline

socialHeadline

authors

images

publishedDate

updatedDate

summary

subHeadline

keywords

topics

readingTime

authorLocations

entityUuid

Reuters

A newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security told Reuters, highlighting the technology industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.
Alphabet’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.
“When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses,” Google spokesman Scott Westover told Reuters.
Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools.
Google faces US$5 billion lawsuit in US for tracking ‘private’ internet use
Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake co-founder and chief scientist Gary Golomb.
Google declined to discuss how the latest spyware compared with prior campaigns, the breadth of the damage, or why it did not detect and remove the bad extensions on its own despite past promises to supervise offerings more closely.
It is unclear who was behind the effort to distribute the malware. Awake said the developers supplied fake contact information when they submitted the extensions to Google.
“Anything that gets you into somebody’s browser or email or other sensitive areas would be a target for national espionage as well as organised crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security.
This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains
Gary Golomb, Awake Security co-founder
The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains, Awake’s Golomb said.
If someone used the browser to surf the web on a home computer, it would connect to a series of websites and send information, the researchers found. Anyone using a corporate network, which would include security services, would not send the sensitive information or even reach the malicious versions of the websites.
“This shows how attackers can use extremely simple methods to hide, in this case, thousands of malicious domains,” Golomb said.
After this story’s publication, Awake released its research, including the list of domains and extensions.
Financial gain trumps espionage as top motivator in cyberattacks, according to report
All of the domains in question, more than 15,000 linked to each other in total, were bought from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication.
Awake said Galcomm should have known what was happening.
In an email exchange, Galcomm owner Moshe Fogel told Reuters that his company had done nothing wrong.
“Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Fogel wrote. “You can say exactly the opposite, we cooperate with law enforcement and security bodies to prevent as much as we can.”
Fogel said there was no record of the inquiries Golomb said he made in April and again in May to the company’s email address for reporting abusive behaviour, and he asked for a list of suspect domains. Reuters sent him that list three times without getting a substantive response.

The Internet Corp for Assigned Names and Numbers, which oversees registrars, said it had received few complaints about Galcomm over the years, and none about malware.
While deceptive extensions have been a problem for years, they are getting worse. They initially spewed unwanted advertisements, and now are more likely to install additional malicious programs or track where users are and what they are doing for government or commercial spies.
Malicious developers have been using Google’s Chrome Store as a conduit for a long time. After one in 10 submissions was deemed malicious, Google said in 2018 that it would improve security, in part by increasing human review.
Why CIA couldn’t stop theft of its most powerful hacking tools
But in February, independent researcher Jamila Kaya and Cisco Systems’ Duo Security uncovered a similar Chrome campaign that stole data from about 1.7 million users. Google joined the investigation and found 500 fraudulent extensions.
“We do regular sweeps to find extensions using similar techniques, code and behaviours,” Google’s Westover said, in identical language to what Google gave out after Duo’s report.



Massive spying on users of Google’s Chrome web browser shows new security weakness

Google’s Chrome logo is seen with cyber code and the words “spy” in this illustration picture taken June 18. Photo: Reuters

FILE PHOTO: Small toy figures are seen in front of Google logo in this illustration picture, April 8, 2019. REUTERS/Dado Ruvic/Illustration/File Photo

The spyware campaign attacked users through 32 million downloads of extensions to Google’s Chrome web browser. Most of these extensions purported to warn users about questionable websites or convert files from one format to another. Photo: Reuters

Tech

Big Tech

Business

Companies


Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by researchers last month
Those free extensions siphoned off browsing history and data that provided credentials for access to internal business tools



A newly discovered spyware effort highlights the technology industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.


Google

Cybersecurity

Internet

Technology

Massive spying on users of Google’s Chrome web browser shows new security weakness

Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by researchers last month Those free extensions siphoned off browsing history and data that provided credentials for access to internal business tools

Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by researchers last month

Those free extensions siphoned off browsing history and data that provided credentials for access to internal business tools