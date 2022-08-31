Google Chrome extensions can improve your chrome browsing experience but over the years many malicious extensions have mushroomed. A latest McAfee report highlights 5 Google Chrome extensions that could steal your data and are a big threat to your privacy. Worst is that these extensions have an install base of more than 1,400,000 meaning many Chrome users are unknowingly using these infected extensions.

The report says that while these extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website, they also track users’ browsing activity by sending the page URL to a remote server every time a website is visited by the user.

Every website visited is sent to servers owned by the extension creator. They do this so that they can insert code into eCommerce websites being visited. This action modifies the cookies on the site so that the extension authors receive affiliate payment for any items purchased,” McAfee states in its blog post.

The list of these malicious extensions includes the name of ‘Netflix Party’ extension which was reported by the security firm earlier this year for its malicious activities. The report said that this extension cloned the original Netflix Party extension that allows groups of people to watch Netflix shows together in the same time. Only, the fake version tracks all the websites visited and misuses them for malicious activities.

These five malicious extensions are:

— Netflix Party which has more than 8000,000 users so far.

— Netflix Party 2 that saw more than 3,00,000 downloads so far.

— FlipShope which has got 80,000 users so far.

— Full Page Screenshot Capture that was downloaded 2,00,000 times so far.

— AutoBuy Flash Sales that amassed 20,000 users so far.

McAfee this year in March had found several malicious Chrome Extensions which, once installed, redirect users to phishing sites, inserted Affiliate IDs and modified legitimate websites to gather personally identifiable information (PII) data. According to the report, these extensions were widely used in India, USA and Europe.