Malicious Google Chrome extensions affect 1.4 million users
Google Chrome extensions are meant to make your life easier. With Chrome browser extensions that help you get discounts, correct your grammar, take screenshots and watch shows with friends, downloading an extension can be very tempting. However, malicious extensions are mimicking the appearance of popular ones to put your privacy at risk.
Malicious extensions redirect users to phishing sites and insert affiliate IDs into cookies of eCommerce sites, according to a McAfee blog post Monday. The security company says the extensions also track users' browsing activity, and every website visit is sent to servers owned by the extension creator.
The extension creator can then insert code into eCommerce websites being visited by the user, and receive affiliate payment for any items the user purchases. There is an implicit privacy breach to the consumer when the browsing data is shared.
SEE: Google's new bug bounty program targets open-source vulnerabilities
The five malicious extensions McAfee identified were Netflix Party, Netflix Party 2, FlipShope – Price Tracker Extension, Full Page Screenshot Capture – Screenshotting, and AutoBuy Flash Sales, with a total install base of over 1.4 million users. The specific extension names and extension code IDs are listed below.
The best way to avoid being affected is to be cautious when installing Chrome extensions. McAfee also recommends users pay attention to the permissions requests that Chrome shows before installation of the extension. Users should take extra steps to verify the authenticity of the extension before granting any permissions.