Google bans 200 dodgy extensions for data snooping

Research reveals Chrome add-ons are stealing user data

Google has yanked 200 extensions from the Chrome store, after they were revealed to be stealing sensitive data from millions of users. 

The move follows two reports about browser extensions, the small, often free tools that can be installed in Chrome and Firefox to add specific features.

The first report was from the University of California at Santa Barbara, which worked alongside Google to measure the extent of the problem, analysing more than 100 million visits to its pages. 

The research found that 5 per cent of everyone visiting a Google page have at least one malicious extension, and most of those affected have multiple dodgy add-ons. 

Advertisement - Article continues below
Advertisement - Article continues below

Researcher Alexandros Kapravelos said the problem is hard to fix because malicious extensions use the same techniques to collect data as legitimate tools. 

"Even when we have a complete understanding of what the extension is doing, sometimes it is not clear if that behaviour is malicious or not," he told the BBC. "You would expect that an extension that injects or replaces advertisements is malicious, but then you have AdBlock that creates an ad-free browsing experience and is technically very similar."

Indeed, the extension that's the focus of the second report denies it's acting malicously. Web firm ScrapeSentry analysed Chrome extension Webpage Screenshot, finding it collects data from users and sends it to a server in the US.

While the purpose of the tool is, as the name suggests, to take screenshots of webpages, the extension also copies all your browsing data, sending it to an IP address registered in the US. 

"The repercussions of this could be quite major for the individuals who have downloaded the extension," said ScrapeSentry security analyst Cristian Mariolini. "What happens to the personal data and the motives for wanting it sent it to the US server is anyone's guess, but ScrapeSentry would take an educated guess it's not going to be good news.  And of course, if it's not stopped, the plugin may, at any given time, be updated with new malicious functionality as well."

However, a spokesperson for Webpage Screenshot told the BBC that the data wasn't gathered for malicious reasons, but to understand who was using the extension.

Advertisement - Article continues below

Google doesn't appear to believe full browsing history is required for that, and the extension has been removed from its Chrome Web Store

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020