Google

Malicious Google Chrome extension sends browsing activity to hackers

Built Google Chrome extensions direct users’ browsing activities to unknown threat actors. McAfee security researchers have discovered this and are now warning about potential vulnerabilities. It involves five Google Chrome extensions that steal users’ browsing activity.

These are very popular extensions for Chrome: the extensions have been downloaded about 1.4 million times so far. That reports that Magic Hat Online Magazine. The malicious extensions monitor when users visit an e-commerce website. Then the visitor’s cookie is changed to show that he came through a referring link. As a result, the authors of the extensions receive an affiliate fee for every purchase after the click.

This trick is not new and only harms the website administrators at first. However, there are new “lures” that cybercriminals use. They are lured with alleged extensions to Netflix or for price comparisons.

Possible additional vulnerabilities

In addition, McAfee fears that the people behind it also have vulnerabilities in the web browser that could exploit, to perform further manipulations on user systems. A case like this only occurred a few days ago. Websites have unsolicited access to the clipboard and can thus exploit a risky security vulnerability.

McAfee has detected the following five malicious extensions:

  • Netflix party
  • Netflix party 2
  • Capture full page screenshot
  • FlipShope – price tracking extension
  • AutoBuy Flash Sales

As a victim, malicious intent goes undetected as the extensions perform their advertised functions. According to McAfee, using the extensions currently has no direct impact on the user, but does pose a privacy risk.

Hide extensions

The extensions have their own way of evading analysis. They also confused McAfee in the test because there is a 15-day delay from installation before the first tampering. The two Netflix extensions have already been removed and can no longer be installed. However, the others are still available in the Chrome Web Store. McAfee recommends that you stop using the extensions.

Recent Posts

Google Health: A bug is currently really annoying Pixel Watch users

An annoying software error is currently plaguing many owners of the Google Pixel Watch. The…

6 hours ago

Pixel Watch 5: Leak shows the design of the new Google smartwatch in advance

After the new Google smartphones in the Pixel 11 series, official marketing images of the…

6 hours ago

Epson is in court: first lawsuit over planned obsolescence

A French consumer protection association is taking Epson to court. The accusation is of planned…

6 hours ago

EU brings Meta to its knees: ChatGPT is running again in WhatsApp chat

After a months-long exclusion by the Facebook group Meta, the well-known AI chatbot ChatGPT has…

6 hours ago

Good news for Windows 11: Microsoft is banning advertising from search

Microsoft is fundamentally redesigning the search in Windows 11. The operating system loses advertising, forced…

6 hours ago

iOS 27 public beta is here: Apple starts the test phase for all iPhone users

Interested users can now install the first public beta version of iOS 27 on their…

6 hours ago