Google Chrome extensions are meant to make your life easier. With extensions that help you get discounts, correct your grammar, take screenshots and watch shows with friends, downloading an extension can be very tempting. However, malicious extensions are mimicking the appearance of popular ones to put your privacy at risk.
Malicious extensions redirect users to phishing sites and insert affiliate IDs into cookies of eCommerce sites, according to a McAfee blog post. The extensions also track the user’s browsing activity, and every website visited is sent to servers owned by the extension creator.
The extension creator can then insert code into eCommerce websites being visited by the user, and receive affiliate payment for any items the user purchases. There is an implicit privacy breach to the consumer when the browsing data is shared.
The five malicious extensions McAfee identified were Netflix Party, Netflix Party 2, FlipShope – Price Tracker Extension, Full Page Screenshot Capture – Screenshotting and AutoBuy Flash Sales, with a total install base of over 1.4 million users. The specific extension names and extension code IDs are listed below.
The best way to avoid having this happen to you is to be cautious when installing Chrome extensions. McAfee also recommends that the user pay attention to the permissions extension requests that Chrome shows before the installation of the extension. Users should take extra steps to verify the authenticity of the extension before granting any permissions.