Google Chrome Extensions Are Tracking User Activity: McAfee report

The global computer security software company, McAfee in their recently released report has confirmed what many industry experts have always feared. The handy extensions that we add to our Chrome browsers to add certain features or functionalities are trying everything they can to infringe on our privacy.

It has been found that these browser extensions are not simply tracking user activity, a fact that most internet users have already made peace with, but now have moved one step ahead and are carefully adding affiliate IDs into cookies of eCommerce sites to earn affiliate commission whenever the user is making a purchase.

Google, taking in consideration the latest findings in the report, has removed the extensions that were found guilty.

The McAfee report details how their internal team of researchers has found at least five Google Chrome extensions, collectively downloaded over 1.4 million times in recent times, indulging in unfair means.

Most of these extensions offer various features to the browser users including permitting multiple users to share and watch Netflix on a single subscription, full-page screenshots capabilities, and e-commerce website price tracking.

The Chrome users who were using these extensions were apparently oblivious of this privacy breach and the risk of every internet activity site being visited being sent to the servers of the extension authors.

“We discovered an interesting trick in a few of the extensions that would prevent malicious activity from being identified in automated analysis environments.

They contained a time check before they would perform any malicious activity. This was done by checking if the current date is > 15 days from the time of installation,” McAfee added in an official blog post.

The extensions being used to track user’s activity and insert code are –

Extension Downloads

Netflix Party – 800,000

Netflix Party 2 – 300,000

FlipShope – Price Tracker Extension – 80,000

Full Page Screenshot Capture – Screenshotting – 200,000

AutoBuy Flash Sales – 20,000

McAfee, in its official blog post, has also advised users to be cautious while installing extensions on their devices and asked users to verify the permissions being requested by the extensions.

These Chrome extensions usually include referral URLs encoded in Base64, users’ names encoded in Base64, and device location (country, city, county, zip code). According to McAfee post, extension authors were primarily targeting financial gains from the users purchase activity on the browser.