Google has removed browser extensions with more than 1.4 million downloads from the Chrome Web Store after third-party researchers reported that they were surreptitiously tracking users’ browsing history and entering the tracking code on the specific e-commerce sites they visited.
The five extensions Reported by McAfee It aims to offer various services, including the ability to stream Netflix videos to groups of people, take screenshots, and automatically find and apply coupon codes. Behind the scenes, the company’s researchers said, the extensions kept a playlist of every site a user visited and took additional actions when users reached specific sites.
The plugins send the name of each visited site to the dedicated developer site d.langhort.com, along with a unique ID, country, city, and zip code for the visiting device. If the visited site matches a list of e-commerce sites, the developer domain directs extensions to include JavaScript on the visited page. The code modified the site’s cookies so that the extension authors receive affiliate payments for any items purchased.
To help keep activity confidential, some extensions are programmed to wait 15 days after installation before beginning to collect data and enter code. The selected extensions from McAfee are:
Noun | Attachment ID | Users |
Netflix party | mmnbenehknklpbendgmgngeaignppnbe | 80000 |
Netflix Party 2 |
flijfnhifgdcbhglkneplegafminjnhn | 300,000 |
FlipShope – Price Tracker Extension |
adikhbfjdbjkhelbdnffogkobkekkkej | 80000 |
Full page screenshot – screenshot |
pojgkmkfincpdkdgjepkmdekcahmckjp | 200,000 |
Flash sales for automatic purchase | Ghbna GlfafMahbid Majeed FdMjkbd | 20000 |
As of Wednesday, all five extensions have been removed from the Chrome Web Store, a Google spokesperson said. Removing extensions from their servers is different from uninstalling extensions from 1.4 million infected devices. People who have installed extensions have to manually check their browsers and make sure that they are no longer working.