Chrome extensions with 1.4 million installs secretly track visits and enter codes

Chrome extensions with 1.4 million installs secretly track visits and enter codes

Google has removed browser extensions with more than 1.4 million downloads from the Chrome Web Store after third-party researchers reported that they were surreptitiously tracking users’ browsing history. and insert tracking codes into the specific e-commerce websites they visited.

Five extensions flagged by McAfee purportedly provides various services, including the ability to stream Netflix videos to groups of people, take screenshots, and automatically find and apply coupon codes. Behind the scenes, the extensions keep an active list of each website a user has visited, and take additional actions when a user visits the site, the company’s researchers say. specific websites.

The extensions sent the name of each website visited to the website specified by the developer, along with a unique identifier and the accessing device’s country, city, and zip code. access. If the visited site matches the list of e-commerce sites, the developer’s domain instructs the extensions to insert JavaScript into the visited page. The code modified the cookies for the site so that extension authors received affiliate payments for any items purchased.

To help maintain operational secrecy, some extensions have been programmed to wait 15 days after installation before starting to collect data and insert code. The extensions that McAfee has identified are:

Name Extension ID User
Netflix Party mmnbenehknklpbendgmgngeaignppnbe 800,000 won

Netflix Party 2

fljfnhifgdcbhglkneplegafminjnhn 300,000 won

FlipShope – Price tracker extension

adikhbfjdbjkhelbdnffogkobkekkkej 80,000 won

Take a full page screenshot – Take a screenshot

pojgkmkfincpdkdgjepkmdekcahmckjp 200,000 yen
Vending buy fast gbnahglfafmhaehbdmjedfhdmimjcbed 20,000 won

As of Wednesday, all five extensions have been removed from the Chrome Web Store, a Google spokesperson said. Removing the extension from its servers is not the same as uninstalling the extension from the 1.4 million infected devices. Those who have installed extensions should check their browsers manually and make sure they are no longer running.

Source link


News5s: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button