
Over 500 Chrome Extensions Were Collecting and Uploading Private User Data

Recently, it was found that about 500 Chrome extensions on the Chrome Web Store had uploaded private browsing data to their own servers, which are potentially owned and controlled by people who want to attack you. Jamila Kaya and other researchers from Cisco-owned Duo Security identified 71 such extensions on the Chrome Web Store. These extensions had over 1.7 million installations. After the researchers privately told Google about their findings, Google itself found more than 430 additional extensions.

How did these plugins work?

The Chrome extensions presented themselves as tools, but they engaged in ad fraud by taking the user through questionable sites with domains similar to those of the services they pose as.

All of the rogue extensions contained almost identical source code; only the function names were unique to each one. The lack of user ratings on these ‘tools’ confused the researchers and made them question how the extensions got downloaded in the first place.
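Code that differs only in its function names can be grouped by fingerprinting its shape rather than its text. The sketch below is an added example, not the researchers' tooling or code from the original article; the extension IDs and sample scripts are constructed, and it also ignores variable names and string contents, which goes slightly beyond the function-name difference described above.

```javascript
// Added example. Simplified tokenizer: handles quoted strings and comments,
// not template literals or regex literals.
const KEYWORDS = new Set(["function", "return", "var", "let", "const", "if",
  "else", "for", "while", "new", "this", "typeof", "true", "false", "null"]);
const TOKEN = /("(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*')|(\/\/[^\n]*|\/\*[\s\S]*?\*\/)|([A-Za-z_$][\w$]*)/g;

// Reduce a script to its shape: names become positional placeholders
// (first name seen -> v0, next -> v1, ...), string contents and comments go.
function skeleton(source) {
  const names = new Map();
  return source.replace(TOKEN, (match, str, comment, id) => {
    if (str) return '"S"';
    if (comment) return "";
    if (KEYWORDS.has(id)) return id;
    if (!names.has(id)) names.set(id, "v" + names.size);
    return names.get(id);
  }).replace(/\s+/g, "");
}

// Group extension IDs whose scripts share a skeleton; keep groups of 2 or more.
function cluster(sources) {
  const groups = new Map();
  for (const [id, src] of Object.entries(sources)) {
    const key = skeleton(src);
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(id);
  }
  return [...groups.values()].filter((ids) => ids.length > 1);
}

// Constructed samples: ext-a and ext-b differ only in names, strings, comments.
const SAMPLES = {
  "ext-a": `function qzCount(n){ return "Tabs: " + n; }
chrome.tabs.query({}, function(list){ chrome.action.setBadgeText({ text: qzCount(list.length) }); });`,
  "ext-b": `/* build label */
function mmLabel(total){ return "Open: " + total; }
chrome.tabs.query({}, function(all){ chrome.action.setBadgeText({ text: mmLabel(all.length) }); });`,
  "ext-c": `function dark(){ document.body.style.background = "#111"; }
dark();`,
};

console.log(cluster(SAMPLES));
```

Extensions that land in the same group are candidates for manual review as a single family, even when each was published under a different name.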


The computers that had these extensions downloaded received a pop-up notification saying that the plugin had been ‘automatically disabled’. The people who followed a link received a warning stating that ‘This extension contains malware’.

Staying Safe on the Internet

To help people stay safer online, Duo Security has advised them to go through their extensions, delete the ones they no longer use and report the ones they do not recognise. Users who are more mindful online are safer, and both users and enterprises would be safer if they were provided with more accessible data about the extensions they may download. On the subject of safety, there is a tool for checking the security of Chrome extensions: Duo Security developed CRXcavator, and it is freely available for the public to use.

Google have since removed all of the known ‘bad’ extensions.
