Google Chrome extensions with 1.4 million downloads found stealing data: check if you have these
Google Chrome is among the most popular web browsers worldwide, thanks to the ability to customise it with themes and extensions that allow users to perform various tasks with just a click. Now, a new report by McAfee claims that they have found five Google Chrome extensions that were stealing users’ browsing data and interestingly, these have been downloaded over 1.4 million times. The extensions offered the promised functionality but there was no visible mention to users about the activity of collecting the browsing data without their notice.
The five Google Chrome extensions in question include Netflix Party, Netflix Party 2, Full Page Screenshot Capture – Screenshotting, FlipShope – Price Tracker Extension and AutoBuy Flash Sales. Netflix Party has over 800,000 downloads, while the Netflix Party 2 Chrome Extension has over 300,000 downloads.
Google Chrome extensions stealing user data
Five Google Chrome extensions are claimed to have been stealing users’ browsing activity. The report claims that these are loaded with a multifunctional script that sends the growing data to a domain that is controlled by the attackers. users’ browsing data is sent to the domain every time they visit a new URL. The information included the user ID, device location, country zip code, and an encoded referral URL.
If any of the visited URLs match any of the listed websites for which the author of the extension has an active affiliate account, the server would respond by inserting the malicious multifunctional script on the visited website. Alternatively, it would also modify a cookie or replace it with the given one to do certain actions. Netflix Play, Netflix Play 2 and AutoBuy Flash sales have been removed from the Extention store. However, the other extensions are still available to download.
The post Google Chrome extensions with 1.4 million downloads found stealing data: check if you have these first appeared on 91mobiles.com.
https://ift.tt/Jjtw7zb
https://ift.tt/DEJVne0
No comments