Browser Extension Risks – The Wild Wild West

Photo by Keila Hötzel on Unsplash

Browser Extension Risks – The Wild Wild West

Browser extensions are used to customize your web browser, such as google chrome, firefox, or brave. A lot of times, computer repair shops will even add ones for you to help block ads, and manage cookies from sites that you visit.

Researchers have found that there were 500 Google Chrome browser extensions that had been secretly uploading private browsing information to malicious servers, and then redirecting users to malicious infected websites. These browser extensions (all now removed by Chrome) were downloaded a couple million times from Google’s Chrome Web Store.

Researchers had found that “[t]hese extensions were commonly presented as offering advertising as a service. Through collaboration, we were able to take the few dozen extensions and… identify 70 matching their patterns across 1.7 million users and escalate our concerns to Google.” – Jamila Kaya, an independent security researcher.

Read more from the analysis from DUO here: https://duo.com/labs/research/crxcavator-malvertising-2020

“Browser extensions are the Wild Wild West of the internet,” – states Ameet Naik, a Security Evangelist at PerimeterX.

There are approximately 200,000 extensions available on the Chrome store alone. What most users don’t realize is that extensions have full access to all of the data on a page including your email, banking information and credit card numbers. While many extensions provide value added services, there is little to stop them from collecting and abusing user data.”

 


It is important to ensure that the browser extensions you install deserve your trust. Luckily, there are services out there and researchers that do the investigation for you. If you are concerned with your privacy, there is a great website called:

https://www.privacytools.io/

Learn all about safe and secure sites and browser extensions above.

Of course, if you need any assistance setting anything up, or have any questions, feel free to contact us!