Widely used Google Chrome extensions compromise browsing data

Five malicious Google Chrome extensions with more than 1.4 million total downloads have been discovered by McAfee researchers to facilitate user browsing data theft, BleepingComputer reports. All of the identified extensions including Netflix Party, Netflix Party 2, Full Page Screenshot Capture - Screenshotting, FlipShope - Price Tracker Extension, and AutoBuy Flash Sales have been tracking users' visits to e-commerce sites and altering cookies to seemingly appear from a referrer link, according to a McAfee report. Researchers found that a multifunctional script loaded by the extensions' web app manifest allows the delivery of browsing data to an attacker-controlled domain. Information being sent to attackers includes users' ID, device location, and an encoded referral URL. The report also showed that some extensions have deferred browser activity sending in an effort to avert detection. Both Netflix Party extensions have already been taken down from the Google Chrome store but the other three remain. Users with the malicious extensions have been advised to manually uninstall them from their browser.