+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Google Chrome extensions are being used to track user activity and earn affiliate commission, says a McAfee report

Sep 1, 2022, 13:33 IST
Business Insider India
Representational image.Unsplash
  • A McAfee report has revealed that malicious Google Chrome extensions are being used to track users and earn affiliate commission.
  • The company has identified five extensions with over 1.4 million downloads.
  • The extensions reportedly add code when a user visits e-commerce websites, allowing the creator to earn affiliate commission.
Advertisement
A report by cyber security company McAfee has revealed that several malicious Google Chrome extensions are being used to track user activity and insert code into websites.

According to the McAfee report, the company has found five Google Chrome extensions that have been collectively downloaded over 1.4 million times. The extensions offer features such as allowing users to watch Netflix with their friends, capture full-page screenshots and track prices on e-commerce websites.

What are the extensions doing?


According to McAfee, the Google Chrome extensions track users’ browsing activity and send a list of websites that the extension’s creator visits. Then, the extension is used to insert code into the e-commerce websites being visited, allowing the creator to receive affiliate payments from the e-commerce websites.

Extensions used to insert code


The extensions being used to track user’s activity and insert code are –

ExtensionDownloads
Netflix Party800,000
Netflix Party 2300,000
FlipShope - Price Tracker Extension80,000
Full Page Screenshot Capture - Screenshotting200,000
AutoBuy Flash Sales20,000

The users of these extensions are reportedly unaware that these extensions are being used to track their activity and insert code for affiliate commission.
Advertisement


“The users of the extensions are unaware of this functionality and the privacy risk of every site being visited being sent to the servers of the extension authors,” McAfee said in its blog post.

Some extensions reportedly use “time delays” to avoid detection.

“We discovered an interesting trick in a few of the extensions that would prevent malicious activity from being identified in automated analysis environments. They contained a time check before they would perform any malicious activity. This was done by checking if the current date is > 15 days from the time of installation,” McAfee added.

McAfee, in its post, has also advised users to be cautious while installing extensions on their devices and asked users to verify the permissions being requested by the extensions.

SEE ALSO:

Tejas Mark-2 project reportedly approved by the Cabinet Committee on Security

Amid reports of ban on Chinese budget smartphones, Mukesh Ambani reveals Reliance Jio and Google are working on an affordable 5G smartphone

Google foldable phone patent spotted, expected to launch next year
Advertisement
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article