Site icon TechNewsBoy.com

Malicious Google Chrome extensions affect 1.4 millions users

By Black_Kira — Shutterstock

Google Chrome extensions are meant to make your life easier. With extensions that help you get discounts, correct your grammar, take screenshots and watch shows with friends, downloading an extension can be very tempting. However, malicious extensions are mimicking the appearance of popular ones to put your privacy at risk.

Malicious extensions redirect users to phishing sites and insert affiliate IDs into cookies of eCommerce sites, according to a McAfee blog post. The extensions also track the user’s browsing activity, and every website visited is sent to servers owned by the extension creator. 

The extension creator can then insert code into eCommerce websites being visited by the user, and receive affiliate payment for any items the user purchases. There is an implicit privacy breach to the consumer when the browsing data is shared. 

SEE: Google’s new bug bounty program targets open-source vulnerabilities 

The five malicious extensions McAfee identified were Netflix Party, Netflix Party 2, FlipShope – Price Tracker Extension, Full Page Screenshot Capture – Screenshotting and AutoBuy Flash Sales, with a total install base of over 1.4 million users. The specific extension names and extension code IDs are listed below.

McAfee

The best way to avoid having this happen to you is to be cautious when installing Chrome extensions. McAfee also recommends that the user pay attention to the permissions extension requests that Chrome shows before the installation of the extension. Users should take extra steps to verify the authenticity of the extension before granting any permissions.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version