More than 500 browser extensions that have been downloaded by millions of Google Chrome users secretly uploaded users' private browsing data to unauthorized and malicious servers, according to Wired.
Independent researcher Jamila Kaya discovered the fraud scheme with the help of Cisco-owned Duo Security. She identified 71 malicious Chrome extensions that had been downloaded more than 1.7 million times. After reporting the extension problems to Google Chrome, another 430 troublesome extensions were found.
Google has removed all of the known extensions.
When users would download the extensions, they were redirected to ads for Macy's, Dell and other products. What users didn't see was the many of the ads redirected users to malware and phishing sites. Additionally, the extensions sent users to locations to upload data.
"In the case reported here, the Chrome extension creators had specifically made extensions that obfuscated the underlying advertising functionality from users," said Ms. Kaya and Duo Security researcher Jacob Rickerd in their report, according to Wired. "This was done in order to connect the browser clients to a command and control architecture, exfiltrate private browsing data without the users' knowledge, expose the user to risk of exploit through advertising streams, and attempt to evade the Chrome Web Store's fraud detection mechanisms."
To read more, click here.