Researchers find multiple Chrome extensions secretly tracking users

Analytics code deeply hidden in popular Google Chrome extensions is being used to track users across the Web, in different browser tabs, and without user consent.

Swedish company Detectify Labs made this discovery, and its researchers are pointing the finger at popular extensions like HoverZoom, SpeakIt, ProxFlow, Instant Translate, FB Color Changer, SafeBrowse, JavaScript Error Notifier, SuperBlock AdBlocker, and more.

According to Detectify researchers, the extensions that engage in such practices are doing it without obtaining user consent, have the tracking feature enabled by default, and also have dodgy user privacy policies to begin with.

Detectify's team has observed Chrome extensions track not only the user's browser history but also data from cookies, secret access tokens from Facebook Connect and links to private Dropbox or Google Drive files.

While it is understandable for analytics providers to be interested in getting their grubby little hands on user details through any means they can, the methods employed via Chrome extensions are bordering on criminal activity.

The analytics providers where all this information ends up are providing anyone with an open wallet access to the sensitive data. The researchers even signed up for one such service and after sifting through the warehoused data, they were able to find internal PDFs uploaded to AWS servers, Intranet URLs that could compromise a company's internal network structure, and common URLs used by employees on targeted competitors.

Researchers even observed one sneaky analytics SDK that included a self-updating functionality that would work even if the extension was never updated. This allowed the analytics company to update the tracking code and add new functionality, even if the extension's author abandoned his project.

Detecting such extensions is also tricky since most of them use a separate extension process in the browser's background to carry out their snooping activities.

Above all, researchers blame the extensions' authors who, in their quest to monetize their code, allow such snakes to nestle in their add-ons.

"We’ve seen some indications on Chrome Extension-forums that it’s around $0.04 per user/month," say Linus Särud and Frans Rosén of Detectify Labs. "For plugins with over tens and hundreds of thousands of users that equals [to] a substantial amount of monthly income."

As for Firefox add-ons, the researchers analyzed only one extension and found it to have similar functionality.

Source: Softpedia

Tags: browsers, Chrome, Google, security
