News
Chrome users: Delete these extensions, they’re stealing data
While McAfee says they’re not directly dangerous, you should still delete them.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
McAfee’s security researchers have found five Google Chrome extensions that are siphoning off browsing data.
Some of these extensions are incredibly popular, with one having over 800,000 downloads.
They’re all set up to secretly create money for the developer or whoever added the malicious code.
They analyze your browser to see if you are on an e-commerce website. If so, they inject their referrer or affiliate code into your browser cookies.
While McAfee says they’re not directly dangerous, you should still delete them.
Delete these five malicious Chrome extensions
Again, we’re putting links here to check if you have the extension installed.
Many malware-containing extensions use the same names as other legitimate extensions.
Under no circumstances should you install one of these five:
- Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) – 800,000 downloads
- Netflix Party 2 (flijfnhifgdcbhglkneplegafminjnhn) – 300,000 downloads
- Full Page Screenshot Capture – Screenshotting (pojgkmkfincpdkdgjepkmdekcahmckjp) – 200,000 downloads
- FlipShope – Price Tracker Extension (adikhbfjdbjkhelbdnffogkobkekkkej) – 80,000 downloads
- AutoBuy Flash Sales (gbnahglfafmhaehbdmjedfhdmimjcbed) – 20,000 downloads
To continue the scam, the extensions all do what they say they’re supposed to. That makes it harder for users to know they’re being scammed.
All of the extensions also do something that’s not advertised.
That’s creating affiliate cash for the bad actor by injecting their affiliate codes into any online purchases you make.
While Google has removed most of these extensions from the Chrome Web Store, you still need to manually delete them from your browser.
This type of malicious code injection is even harder to guard against.
The extensions worked as advertised, with useful features for the user. The reviews are mostly positive, as the affiliate scam wasn’t visible to users.
The only security advice we can give here is to ask yourself, “do you really need this extension?”
If not, remove them from Chrome, or disable them when you’re not actively using them.
Have any thoughts on this? Carry the discussion over to our Twitter or Facebook.
Editors’ Recommendations:
- New Acer Chromebook is eco-friendly and repairable
- Google Chrome’s RSS reader might finally come to desktop
- TikTok’s in-app browser can track every tap you make
- Is Google Chrome’s Incognito Mode really as private as you think?
Follow us on Flipboard, Google News, or Apple News
