Google bans 200 dodgy extensions for data snooping

Research reveals Chrome add-ons are stealing user data

Google has yanked 200 extensions from the Chrome store, after they were revealed to be stealing sensitive data from millions of users. 

The move follows two reports about browser extensions, the small, often free tools that can be installed in Chrome and Firefox to add specific features.

The first report was from the University of California at Santa Barbara, which worked alongside Google to measure the extent of the problem, analysing more than 100 million visits to its pages. 

The research found that 5 per cent of everyone visiting a Google page have at least one malicious extension, and most of those affected have multiple dodgy add-ons. 

Researcher Alexandros Kapravelos said the problem is hard to fix because malicious extensions use the same techniques to collect data as legitimate tools. 

"Even when we have a complete understanding of what the extension is doing, sometimes it is not clear if that behaviour is malicious or not," he told the BBC. "You would expect that an extension that injects or replaces advertisements is malicious, but then you have AdBlock that creates an ad-free browsing experience and is technically very similar."

Indeed, the extension that's the focus of the second report denies it's acting malicously. Web firm ScrapeSentry analysed Chrome extension Webpage Screenshot, finding it collects data from users and sends it to a server in the US.

While the purpose of the tool is, as the name suggests, to take screenshots of webpages, the extension also copies all your browsing data, sending it to an IP address registered in the US. 

"The repercussions of this could be quite major for the individuals who have downloaded the extension," said ScrapeSentry security analyst Cristian Mariolini. "What happens to the personal data and the motives for wanting it sent it to the US server is anyone's guess, but ScrapeSentry would take an educated guess it's not going to be good news.  And of course, if it's not stopped, the plugin may, at any given time, be updated with new malicious functionality as well."

However, a spokesperson for Webpage Screenshot told the BBC that the data wasn't gathered for malicious reasons, but to understand who was using the extension.

Google doesn't appear to believe full browsing history is required for that, and the extension has been removed from its Chrome Web Store

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021