Connect with us


Chrome users: Delete these extensions, they’re stealing data

While McAfee says they’re not directly dangerous, you should still delete them.

Google chrome on macbook air
Image: KnowTechie

McAfee’s security researchers have found five Google Chrome extensions that are siphoning off browsing data.

Some of these extensions are incredibly popular, with one having over 800,000 downloads.

They’re all set up to secretly create money for the developer or whoever added the malicious code.

They analyze your browser to see if you are on an e-commerce website. If so, they inject their referrer or affiliate code into your browser cookies.

While McAfee says they’re not directly dangerous, you should still delete them.

Delete these five malicious Chrome extensions

Google chrome logo on purple background for google search
Image: KnowTechie

Again, we’re putting links here to check if you have the extension installed.

Many malware-containing extensions use the same names as other legitimate extensions.

Under no circumstances should you install one of these five:

  • Netflix Party (mmnbenehknklpbendgmgngeaignppnbe) – 800,000 downloads
  • Netflix Party 2 (flijfnhifgdcbhglkneplegafminjnhn) – 300,000 downloads
  • Full Page Screenshot Capture – Screenshotting (pojgkmkfincpdkdgjepkmdekcahmckjp) – 200,000 downloads
  • FlipShope – Price Tracker Extension (adikhbfjdbjkhelbdnffogkobkekkkej) – 80,000 downloads
  • AutoBuy Flash Sales (gbnahglfafmhaehbdmjedfhdmimjcbed) – 20,000 downloads

To continue the scam, the extensions all do what they say they’re supposed to. That makes it harder for users to know they’re being scammed.

All of the extensions also do something that’s not advertised.

That’s creating affiliate cash for the bad actor by injecting their affiliate codes into any online purchases you make.

While Google has removed most of these extensions from the Chrome Web Store, you still need to manually delete them from your browser.

How to delete Chrome extensions from your Chrome browser

  1. Click on the puzzle piece icon next to the address bar

  2. Then, Manage extensionsChrome extensions menu

  3. Remove the extensions from here

This type of malicious code injection is even harder to guard against.

The extensions worked as advertised, with useful features for the user. The reviews are mostly positive, as the affiliate scam wasn’t visible to users.

The only security advice we can give here is to ask yourself, “do you really need this extension?”

If not, remove them from Chrome, or disable them when you’re not actively using them.

Have any thoughts on this? Carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere. His hobbies include photography, animation, and hoarding Reddit gold.

Deals of the Day

  1. Paramount+: Live Sports Starting at $2.50/mo. for 12 Mos. Sports - Try It Free w/ code: SPORTS
  2. Save $20 on a Microsoft365 subscription at Best Buy with a Best Buy Membership!
  3. Try Apple TV+ for FREE and watch all the Apple Originals
  4. Save $300 on a Segway at Best Buy, now $699

More in Security