Third party extensions improve your experience using your computer or phone. But some of these are laced with malicious malware that could compromise your data privacy or even cost you money. A recent security report by McAfee found five of such malicious Google Chrome extensions which have been installed over £1.4 million.
Discover our latest podcast
Bad extensions
McAfee’s Threat Research Team discovered these extensions available on the Chrome Web Store. They include: ‘Netflix Party’ extensions, ‘FlipShope — Price Tracker Extension’, ‘Full Page Screenshot Capture — Screenshotting’, and ‘AutoBuy Flash Sales’. The team found that each of these extensions had been installed more than 20,000 times.
The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website.
Apart from offering the intended functionality, the extensions also track the user’s browsing activity. Every website visited is sent to servers owned by the extension creator. They do this so that they can insert code into eCommerce websites being visited.
Risk
According to the report, the users of the extensions are unaware of this functionality and the privacy risk of every site being visited being sent to the servers of the extension authors.
Google has been working to protect its stores from being infiltrated with malicious apps, but some still manage to find their way to users’ devices. The anti-virus and cybersecurity company, McAfee is advising users to be cautious when installing Chrome extensions.
The permissions will be shown by Chrome before the installation of the extension. Customers should take extra steps to verify the authenticity if the extension is requesting permissions that enable it to run on every website you visit such as the one detailed in this blog
Read more:
⋙ Google warns Gmail users about new cyberattack that can read their emails
⋙ Google won't be answering these silly questions any more
⋙ Google Chrome: The internet giant urgently warns users about a major security flaw