A new research found the extensions for Google Chrome, those small add-ons that make the popular browser more functional, are actually quite a big security risk
Researchers published a new report, based on an analysis of 1,237 Google Chrome extensions available for download at the Chrome Web Store.
Almost half of the extensions analyzed (48.66%) have either high or very high-risk impact, meaning they’re highly likely to be storing sensitive, personally identifiable data.
All the various extensions that are available for download, writing add-ons such as Grammarly are considered the most data-hungry ones. 79.5% collect at least one data point. These types of extensions collect the most data types.
Writing extensions as the riskiest of the bunch, as they’re asking for the most permissions. All of this makes them carry one of the highest average risk impact scores, 3.7/5.
Extensions in shopping category were found to be equally worrisome, as almost two-thirds (64.9%) collect user data. With an average risk impact score of 3.9/5, this makes them the most potentially harmful ones out there.
Some of the extensions won’t work properly without being given the right permissions, it is important to only choose extensions coming from trusted developers.
Users should be vigilant, as a developer can always turn bad actor, while reviews and ratings could be bought/tampered with by bots.
this research was documented by researchers from data protection firm incogni.