McAfee has released a report that identified five extensions that promise to boost your browser but in return are actually stealing your data.
The five malicious browser extensions identified by McAfee, they have almost 1.5 million downloads, with the first Netflix Party having more than 800,000 installs alone.
- Netflix Party
- Full Page Screenshot Capture
- AutoBuy Flash Sale.
These extensions do provide the core functionality promised, but according to McAfee they also inject unwanted code into your browser.
The extension will check to see if it can inject an affiliate revenue code every time you navigate to a new web page, allowing the creators of the extension to profit off your online purchasing, without your consent.
Both the Netflix Party extensions removed from Chrome Web Store. However, the others are still live and available to download. Even though extensions removed, already installed extensions need to be removed manually.
Kaspersky estimated that more than 1.3 million users have been affected by malicious browser extensions in just the first half of 2022 alone. Between January 2020 to June 2022, Kaspersky discovered that more than 4.3 million users had adware hiding in their browser extensions.
Though, Google is constantly removing offending extensions, new ones continue to pop up at an alarming rate.