Chrome Extensions with More than 1.4 Million Installs are Infected

Must Read
Sienna Rowley
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

McAfee, an award-winning Antivirus and VPN, discovered five Google Chrome extensions that steal users’ browsing activity.

These malware-infected extensions track the users while they visit the eCommerce website and modify the visitor’s cookie so it seems the visitor came through the referrer links. Threat actors do so to get the commission from affiliate links.

McAfee found the following five extensions to be malicious:

  • Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) – 800,000 downloads
  • Netflix Party 2 (flijfnhifgdcbhglkneplegafminjnhn) – 300,000 downloads
  • Full Page Screenshot Capture – Screenshotting (pojgkmkfincpdkdgjepkmdekcahmckjp) – 200,000 downloads
  • FlipShope – Price Tracker Extension (adikhbfjdbjkhelbdnffogkobkekkkej) – 80,000 downloads
  • AutoBuy Flash Sales (gbnahglfafmhaehbdmjedfhdmimjcbed) – 20,000 downloads

The threat actors have intelligently crafted the extensions making it difficult for victims to identify any suspicious activity. We recommend you uninstall the extensions if you have them on your system.

According to McAfee’s report, the manifest.json file loads a multifunctional script that sends the browsing data to the domain controlled by threat actors.

Whenever the user visits a new URL, the data is transferred with POST requests. The data comprising the base64 form URL reaches the threat actor. The URL includes encoded URL, ID, device location such as city, Zipcode, etc.

Are you looking for more software news? Then, stay tuned for the latest software news from top tech industries.

- Advertisement -spot_img
Latest News

SparkyLinux 6.6 Now Available to Download

Debian-based GNU/Linux distro, SparkyLinux has got a new update Sparky 6.6 named as Po Tolo. Based on Debian 11, Sparky...
- Advertisement -spot_img

More Articles Like This