Google Chrome extensions downloaded more than 32 million times were used to spy on the popular browser’s users in a massive global surveillance campaign, according to a new report.

The report, from cybersecurity firm Awake Security, found at least 111 “malicious or fake” Chrome extensions capable of taking screenshots, stealing login credentials and capturing passwords as users typed them. The campaign impacted a wide range of sectors including financial services, healthcare and government organizations, it added.

Extensions allow users to add features and capabilities to their browsers, such as a recently popular one that allows multiple laptops to stream Netflix shows simultaneously and another from Google that lets users flag suspicious websites.

But the new report highlights the potential for fraudulent extensions to do harm and compromise a wide variety of systems.