Connect with us

Hi, what are you looking for?

The American GeniusThe American Genius

Business News

Many Chrome extensions are actually malware, even Netflix Party!

You would think most Chrome extensions are safe, but McAfee just found many to be malware, including the popular Netflix Party.

computer coding representing chrome extension malware

Do you use extensions with Google Chrome? If so, and seriously who doesn’t, you definitely need to check to make sure these five are not included. The five extensions under malware scrutiny are:

  1. Netflix Party                                                              Users: 800,000  

Extension ID: mmnbenehknklpbendgmgngeaignppnbe  

  1. Netflix Party 2                                                          Users:  300,000

Extension ID: flijfnhifgdcbhglkneplegafminjnhn      

  1. FlipShope – Price Tracker                                       Users: 80,000    

Extension ID: adikhbfjdbjkhelbdnffogkobkekkkej

  1. Full Page Screenshot Capture – Screenshotting             Users: 200,000

Extension ID:pojgkmkfincpdkdgjepkmdekcahmckjp

  1. AutoBuy Flash Sales                                               Users: 20,000

Extension ID: gbnahglfafmhaehbdmjedfhdmimjcbed

Threat analysts with McAfee, a U.S.-based computer security company, have identified issues with the five popular Chrome extensions above, deeming their software as malicious. These malicious programs steal users’ browsing data. They can then monitor when the person whose information has been stolen visits an e-commerce website, without the user being aware. The hackers can then change the user’s cookie to appear as if they came through a referrer link, giving the maker of the malware extensions affiliate sale commissions when the user makes a purchase. This lets them make money off of users, spy on what other people do on their own browsers, and bypass affiliate link regulations. Obviously, this is a big problem.

Another issue is that these five Chrome extensions have been downloaded over 1.4 million times combined. The sneaky hackers went one step further in their attempts to try and keep their malware from going undetected. Each of the extensions, when viewed from a user standpoint, seems to function as promised. In fact, they each had all of the intended functionalities. It was not apparent that there was anything wrong or that the information was being altered and viewed. In addition, some of the extensions made it so that the information would not start being shared until 15 days after it was installed, in yet another attempt to evade being noticed. 

Luckily, McAfee analysts live for this kind of thing and were able to identify the issues so that more people will not be affected adversely. They discovered, for example, that the data from each of the five extensions were delivered in a similar way, giving the hackers access to the URL, the user’s ID, a referral URL, and most alarmingly, location information down to the device’s city, zip code, and country. For more information on exactly how the cookies and URLs were changed in real-time, you can view this video McAfee posted to their YouTube channel.

Advertisement. Scroll to continue reading.

While, fortunately, none of the five extensions are still available in the Chrome Webstore, it is important to double-check your computer to see if they are installed. They were not automatically uninstalled from browsers when removed from the Chrome Web Store. This will have to be done manually, which is at least not too difficult of a process.

If the extension’s icon is visible to the right of the address bar, right-click on the icon and select Remove from Chrome. If the icon is not visible, open Chrome. At the top right, click the three descending dots> More Tools> Extensions. Click Remove on the extension you want to remove and confirm by clicking Remove again.

Allison Snider is a freelance writer and owner of AllieWritesCreatively. She is passionate about raising awareness for chronic illnesses and ending the stigma around mental health. In her free time, you can find Allison hiking with her wife, Sara, and two dogs, Stella and Sophie.

Click to comment

Leave a Reply

Your email address will not be published.

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Advertisement

KEEP READING!

Tech News

If you do most of your work in a browser, you'll fall in love with this to do list extension.

Tech News

(TECHNOLOGY) TL;DV makes catching up on video team meetings slightly more tolerable and easily digestable.

Social Media

(Social Media) Reddit's UI hasn't always been super intuitive. 'Deck for Reddit' organizes your feed into themed columns, making it way more user-friendly.

Tech News

(TECH NEWS) If you are tired of third party cookies trying to grab every bit of data about you, google has heard and responded...

The American Genius is a strong news voice in the entrepreneur and tech world, offering meaningful, concise insight into emerging technologies, the digital economy, best practices, and a shifting business culture. We refuse to publish fluff, and our readers rely on us for inspiring action. Copyright © 2005-2022, The American Genius, LLC.