![]() ![]() Let us know if you enjoyed reading this news on LinkedIn Opens a new window, Twitter Opens a new window, or Facebook Opens a new window. So if you still have them installed in your browser, now is the time to uninstall.įull Page Screenshot Capture – Screenshotting Malicious Chrome Extensions Discovered by McAfee Opens a new windowĭetails of the five malicious extensions in question, now removed from the Chrome extension store, are given in the table below. Chrome Opens a new window is the market leader among web browsers, with a 65.12% market share Opens a new window and 188,620 extensions. However, since the extensions fulfill their intended purpose, the underlying technical deception becomes less apparent to unknowing users. Going by McAfee’s blog post on the subject, the authors’ intention seems to be financial gain. See More: Google Chrome Trounced by Mozilla, Safari and Microsoft Edge in Blocking Phishing Sites Opens a new windowĭata collected by the extensions include referral URLs encoded in Base64, users’ names encoded in Base64, and device location (country, city, county, zip code), all of which are sent to d. The extensions’ underlying code is similar, including the type of data being collected and the fact that they have a 15-day delay before their malicious operations are triggered to avoid detection by automated analysis tools. The cumulative downloads for the five malicious extensions stand at 1.4 million users, who should assume their privacy was infringed upon. Click on the Extension icon and toggle off the switch to disable all extensions. McAfee has now discovered four additional extensions: Netflix Party 2, FlipShope – Price Tracker Extension, Full Page Screenshot Capture – Screenshotting, and AutoBuy Flash Sales, that exhibit similar malicious behavior. How to disable all Extensions in Chrome on specific sites with a click. It also inserted affiliate IDs and modified legitimate websites to exfiltrate users’ personally identifiable (PII) data. The author of the malicious Netflix Party went to great lengths to deceive users into trusting and installing the extension through several Twitter accounts and fake reviews websites.īesides performing the functions it was meant to do, Netflix Party redirected users to phishing sites. The companys research stems from the discovery of the PDF Toolbox extension, which loaded arbitrary code on all pages viewed by the. McAfee’s research sprung from the March 2022 discovery of a malicious version of Netflix Party, a Chrome extension designed to enable multiple Netflix users to stream content concurrently. More than 30 malicious Google Chrome extensions identified. Google took down the extensions after reviewing McAfee’s findings. The developers of these five extensions were discreetly inserting affiliate IDs into cookies of eCommerce sites to earn affiliate income based on user purchases. On Twitter, Facebook, Google News, and Instagram.Researchers at McAfee have discovered five Chrome browser extensions that track users’ browsing activity. Although these 5 extensions were found on the Chrome Extensions Store, Google still maintains a security measure which prevents you from installing highly malicious extensions which can cause much more harm than just stealing your browsing data.įollow HT Tech for the latest tech news and reviews, also keep up with us It is absolutely essential that you do not install extensions from outside the Chrome Extensions Store. Keep an eye on the requested permissions as some might pose a risk to your device's security. Whenever you install an extension, it asks for various permissions. McAfee has advised users to check the extensions thoroughly before installing them. ![]() Therefore, this highlights that even though these extensions had millions of downloads combined, they still cannot be fully trusted as they pose a serious security risk. FlipShope – Price Tracker Extension – 80,000 downloadsĥ. Full Page Screenshot Capture – Screenshotting – 200,000 downloadsĤ. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |