Any untrusted software that you install could be dangerous. Whether it’s a mobile app, a PC game, or a browser extension, it could be stealing your data. This week, security researchers at McAfee Labs highlighted five Chrome extensions that can track your browsing activity. 1.4 million Chrome users have installed these extensions to date, and chances are that none of them knew exactly what the extensions were doing in the background.
Delete these malicious Chrome extensions ASAP
These extensions appear to be unrelated at first glance. Some let users watch Netflix shows with friends, others track prices, and one takes screenshots.
What they each have in common is that they send a log of every website you visit to a server owned by the creator. McAfee says that they do this in order to “insert code into eCommerce websites,” which allows the creators to modify cookies so they receive affiliate payments for anything you buy. They’re surreptitiously making money off of strangers.
Here are the malicious extensions and the number of times they’ve been downloaded:
- Netflix Party | 800,000 downloads
- Netflix Party 2 | 300,000 downloads
- Full Page Screenshot Capture – Screenshotting | 200,000 downloads
- AutoBuy Flash Sales | 20,000 downloads
If you want to see the malicious behavior in action, check out McAfee’s video below:
This discovery shows just how risky it can be to download any Chrome extensions, no matter how popular they are. Just because hundreds of thousands of people have downloaded the extension doesn’t mean it’s safe to install on your browser.
As McAfee explains in its blog post, these extensions are shockingly good at hiding their true purpose. Some extensions don’t start performing the malicious actions until at least 15 days after a user installs them. That way, we’re even less likely to be suspicious.
Needless to say, if you have any of the Chrome extensions above, delete them now.
UPDATE | 9/13: A previous version of this article included FlipShope, a price tracking extension. The team behind the extension got in touch with us to vehemently dispute McAfee’s claims, has published an updated extension, and we have removed the extension from the list.