Google Chrome extensions can improve your browsing experience but some may also carry malware and pose threat to user security. Computer security software company McAfee Software India Private Limited says it has discovered five Chrome extensions allegedly involved in malicious activity. The findings have been published in a detailed blog post.
In the report, authors Oliver Devane and Vallabh Chole alleged these Chrome extensions offer many functions and use cases from allowing users to watch Netflix shows together, to getting website coupons, and taking screenshots of a website, but they may be tracking user data in the background.
Every time a user visits a website, the report says, the page URL is sent to remote servers owned by the creators of the extension. Users may not be aware of this.
“They do this so that they can insert code into eCommerce websites being visited,” the report says, adding “this action modifies the cookies on the site so that the extension authors receive affiliate payment for any items purchased.”
The five extensions that McAfee mentions in the report include Netflix Party, Netflix Party 2, FlipShope – Price Tracker, Full Page Screenshot Capture – Screenshotting and AutoBuy Flash Sales. They have a combined install base of over 1,400,000.
Ecom Shopping Solutions LLP (FlipShope) has denied the allegations against it. In an email sent to financialexpress.com, FlipShope said that it was “not involved in any malicious activities,” and have said that they have sent a notice to McAfee. As per the Bangalore based start-up, the extension does not “send user data to its server without any user facing functionality,” and that “no one can find a single incidence of using set cookies for affiliate purposes,” against it.
Netflix Party extension, which is mentioned in the report, has been flagged by McAfee before. Earlier this year, the security firm said this extension cloned the original Netflix Party extension that allows groups of people to watch Netflix shows together at the same time. Only, the fake version is said to track all the websites visited by the user and misuses them for malicious activities.
McAfee had reported about several malicious Chrome Extensions in March which, once installed, may redirect users to phishing sites, insert Affiliate IDs and modify legitimate websites to gather personally identifiable information (PII) of users. According to the report, these extensions were being purportedly widely used in India, USA and Europe.
The company has advised users to be extra cautious when installing any Chrome extension and be watchful about the permissions they grant them thereafter.