McAfee researchers detect malicious Chrome extensions

What’s going on

McAfee researchers detected five Chrome extensions that were tracking a user’s browser activity without their knowledge. They were downloaded a total of 1.4 million times before Google removed them from their store.

why does it matter

Keeping malicious extensions away completely is an almost impossible task, so consumers should be careful when installing any kind of browser extension.

Google removed a handful of browser extensions from its Chrome Web Store that were downloaded a total of 1.4 million times after third-party cybersecurity researchers determined the extensions were surreptitiously tracking their users’ online activities.

In a blog post published this week, McAfee researchers highlighted five extensions that allow users to do things like watch Netflix shows together, track deals on retail sites, and take screenshots of websites. The problem was that, in addition to doing what they promised, the extensions tracked their users’ browser activity.

“Users of extensions are unaware of this functionality, and the privacy risk of each site visited is sent to the servers of the extension authors,” the researchers wrote in their blog post.

According to McAfee, each website a user visited was sent to the extension’s creator so that the code could be inserted into the e-commerce sites users visited, allowing the extension’s authors to receive affiliate payments for any item. that the user bought.

A Google spokesperson confirmed Wednesday that the five extensions noted in McAfee’s report have been removed from the Chrome extensions store.

Extensions are add-ons that consumers can download and use to modify browsers like Chrome, Safari, and Firefox. Bits of software can do things like block ads, integrate with password managers, and find coupons as you put items in your shopping cart. An extension allows users to change the mouse cursor from an arrow to something more fun like a sword or a slice of pizza.

Just like the apps available for smartphones, there are over 100,000 extensions available for Chrome alone, along with more for the other browsers. While Google and the other vendors say that they scan all extensions available in their stores, inevitably some malicious extensions do manage to slip through.

Earlier this year, McAfee researchers detected several Chrome extensions from the Netflix impostor party redirecting users to phishing sites and stealing users’ personal information, though it appears they were only installed a combined 100,000 times.

While an extension that’s popular enough to have been downloaded hundreds of thousands of times may appear legitimate, McAfee researchers said their research shows that’s not always the case. They said consumers should be cautious when it comes to extensions and look carefully at what kind of data an extension requests access to before installing it.

Specifically, they said consumers should take extra steps to ensure an extension is authentic if it asks for permission to run on all listed websites, as recently detected malicious extensions did.

Leave a Comment