Chrome extensions can enhance your browsing experience as well as productivity. They are simple programs that help add functionality or customise your Chrome browser on desktop. These extensions make it possible to do things with your Chrome browser, not possible otherwise. However, some of these Chrome extensions may also have malware and pose dangerous security risks. A new security report by McAfee has discovered five extensions that contain malicious malware.
According to the report published on McAfee’s website, these five Chrome extensions are available on the Chrome Web Store. The list, incidentally, also includes an extension made by Google itself.
Names of dangerous Chrome extensions
The five extensions as per the McAfee report include: Netflix Party, Netflix Party 2, FlipShope – Price Tracker, Full Page Screenshot Capture – Screenshotting and AutoBuy Flash Sales.
These extensions have been downloaded 1,400,000-plus times. Here are the details:
What’s the issue with these extensions
According to McAfee’s report, all five extensions have the same issue. The manifest.json sets the background page as bg.html. This HTML file loads b0.js which is responsible for sending page URL and injects code into the e-commere sites.
Basically, the extensions contain malware that sends the page URL to a remote server every time a user visits a website. This checks if affiliate revenue code can be injected to earn revenue from purchases made by the user on e-commerce platforms. For those unaware, affiliate links are a way for websites and content creators to generate revenue as they receive a small percentage of revenue from every purchase made using the link.
McAfee has also reported that some extensions are using delayed methods to inject the affiliate link to prevent early detection. They usually do this after 15 days of extension getting installed.
Although, Google has been working on to eliminate the malwares and malicious extensions from Google Chrome with its new Manifest V3 which is a much better solution compared to the Manifest V2 at blocking remotely hosted codes. However, it is not perfect.
What users should do
As we can see that these extensions have a huge install base, it is recommended that users should remove these five extensions without further delay. While the Netflix Party extensions have been removed, others are still there and some even have the Featured tag on it.
According to the report published on McAfee’s website, these five Chrome extensions are available on the Chrome Web Store. The list, incidentally, also includes an extension made by Google itself.
Names of dangerous Chrome extensions
The five extensions as per the McAfee report include: Netflix Party, Netflix Party 2, FlipShope – Price Tracker, Full Page Screenshot Capture – Screenshotting and AutoBuy Flash Sales.
These extensions have been downloaded 1,400,000-plus times. Here are the details:
What’s the issue with these extensions
According to McAfee’s report, all five extensions have the same issue. The manifest.json sets the background page as bg.html. This HTML file loads b0.js which is responsible for sending page URL and injects code into the e-commere sites.
Basically, the extensions contain malware that sends the page URL to a remote server every time a user visits a website. This checks if affiliate revenue code can be injected to earn revenue from purchases made by the user on e-commerce platforms. For those unaware, affiliate links are a way for websites and content creators to generate revenue as they receive a small percentage of revenue from every purchase made using the link.
McAfee has also reported that some extensions are using delayed methods to inject the affiliate link to prevent early detection. They usually do this after 15 days of extension getting installed.
Although, Google has been working on to eliminate the malwares and malicious extensions from Google Chrome with its new Manifest V3 which is a much better solution compared to the Manifest V2 at blocking remotely hosted codes. However, it is not perfect.
What users should do
As we can see that these extensions have a huge install base, it is recommended that users should remove these five extensions without further delay. While the Netflix Party extensions have been removed, others are still there and some even have the Featured tag on it.