EITHER Google Chrome It is the most popular browser in the world, far from alternatives such as Safari, Edge, Firefox, among others. It is also an extremely tempting target for illicit activities such as those that have now been detected and reported.
At stake are several popular extensions for Google Chrome, which between them have more than 1.4 million users. The discovery was made by McAfee’s cybersecurity team, who identified the five extensions that were stealing user data.
Google Chrome extensions had over 1.4 million users and stole a lot of data
Five extensions for the Internet browser are at stake, namely:
- netflix Party,
- netflix Party 2,
- Full page screenshot: screenshot,
- FlipShope – Price Tracker Extension
- Auto buy flash sales.
Among this collection, the extensions netflix party Y netflix party 2 were the most popular, with the most active users. More specifically, they allowed several users to simultaneously view the same content on the transmission of movies and series, an innocuous purpose.
These extensions essentially synchronized the content so that a certain group of friends watched the same episode at the same time. Its explosion of popularity has occurred in recent years, also as a consequence of the pandemic context and the reinvention of the usage patterns of these content platforms.
The extensions stole usage data, visit history, and other data
According to the security agency’s findings, these extensions were “loaded” with a script multifunction that, in addition to legitimate tasks, also performed other operations. More specifically, it downloaded the browsing history to a domain remotely controlled by the attacker.
In practice, every time the user of these extensions visited a new website, this record was sent to the controlled domain, but there is more. Data such as user ID, device location information, zip code, and other personal information was included in the data sent to the attacker’s domain.
Finally, Google has already removed the Netflix Play, Netflix Play 2 and AutoBuy Flash Sales extensions from its Chrome Web Store. The other two extensions remain online, but you would be wise to remove them from your browsers.