informa
1 MIN READ
Quick Hits

Malicious Chrome Extensions Plague 1.4M Users

Analysts find five cookie-stuffing extensions, including one that's Netflix-themed, that track victim browsing and insert rogue IDs into e-commerce sites to rack up fake affiliate payments.

Researchers have flagged five separate malicious Chrome extensions masquerading as Netflix viewers and more. They track user activity and insert code into any e-commerce sites they visit, letting cyberattackers steal payments through the retailer affiliate programs. 

McAfee Labs analysts found the Chrome extensions being marketed to let users watch Netflix in groups, automatically clip coupons, and take screenshots. All together, the apps have been downloaded 1.4 million times, they found. 

“Browser extensions are the Wild Wild West of the Internet," says Uriel Maimon, head of emerging products at Human Security. "There are approximately 200,000 extensions available on the Chrome store alone. What most users don’t realize is that extensions have full access to all of the data on a page including your email, banking information and credit-card numbers. While many extensions provide value-added services, there’s little to stop them from collecting and abusing user data.”

The McAfee team has been working on tracking down malicious Chrome extensions, and its latest report is part of that project, researchers wrote in a recent blog about their findings. The researchers warn end users to take extra precautions to verify an extension's safety if it asks for additional permissions. 

"This blog highlights the risk of installing extensions, even those that have a large install base as they can still contain malicious code," they said. 

Editors' Choice
Haris Pylarinos, Founder and CEO, Hack The Box
Robert Lemos, Contributing Writer, Dark Reading