Browser extensions undoubtedly make everyday life easier and offer many useful functions. From color pipettes to screenshot tools, everything is included. However, the latest example of Chrome extensions shows that these add-ons are not always just there to do work for you or to help you.
Google has one a notice McAfee removed five extensions from the Chrome store for a total of 1.4 million downloads. These are said to have tracked browser history and inserted tracking code into certain websites.
A good example of an add-on that doesn’t mean any harm to you and can sweeten your everyday life can be found here:
I don’t want to be without it anymore
How a browser add-on improves my everyday PC life
You should delete these extensions
Among the browser apps that wanted your data were two that allowed you to watch Netflix with friends at the same time. Also included: A screenshot tool for websites and extensions that find and apply coupons for online shops.
The problem is that it’s not enough for Google to remove the add-ons from the store, as that doesn’t uninstall the extensions for users. So you have to take action yourself if you still use the following add-ons:
- Netflix Party (not to be confused with TeleParty)
- Netflix Party 2
- Full Page Screenshot Capture
- FlipShope – Price Tracker
- AutoBuy Flash Sales
Netflix Party in particular was a relatively successful add-on with over 800,000 downloads that may have wanted to profit from TeleParty’s name change. TeleParty offers the possibility to watch content on Netflix with your friends at the same time and also to pause it for everyone at the same time.
TeleParty used to be called “Netflix Party” just like the add-on in question here, until the developers had to change the name for legal reasons. Presumably, some users could be lured to the data trap.
This is how the add-ons used your data
The add-ons not only performed their actual function, but also spied on the browsing history, a list of visited websites and sent personal data to the developers’ servers. Among them were a unique identifier, country, city and zip code of the user.
When the visited page matched a webpage on the ecommerce server list, the visited webpage’s cookies were rewritten via JavaScript, allowing the extension’s developers to receive affiliate payments.
To avoid being discovered, some extensions had a 15-day waiting period programmed in. Only after this time the hidden activities were started.
What also sneaks into your computer is a new type of virus, about which you can find out more here:
Be careful with USB devices: New virus spreads offline on Windows PC
Did you have one of the extensions installed? What similar incidents do you know? Do you use browser extensions at all? Feel free to write it in the comments!