5 Malicious Chrome Extensions Discovered By Mcafee

McAfee’s researchers found five Chrome extensions to track user’s online movements. These five add-ons were built by people secretly tracking users’ online shopping habits and injecting their affiliate IDs into the cookies of e-commerce sites.

After examining McAfee’s findings, Google removed the add-ons. In March of 2022, McAfee discovered a malicious version of Netflix Party, a Chrome extension that allows several users to view videos from Netflix at once.

The creator of the malicious Netflix Party used multiple Twitter identities and bogus review websites to fool consumers into installing the extension. In addition to its intended features, Netflix Party linked viewers to malicious phishing websites.

To steal users’ personal information (PII), it changed legal webpages and inserted affiliate IDs. Since then, McAfee has found four more extensions (Netflix Party 2, FlipShope – Price Tracker Extension, Full Page Screenshot Capture – Screenshotting, and AutoBuy Flash Sales) are harmful in the same ways.

It’s safe to infer that the privacy of the 1.4 million people who have downloaded the five malicious extensions combined has been compromised. Both wings collect comparable types of information and use a 15-day wait before launching malicious operations, which helps them sneak past automated analysis tools.

The extensions gather and send to d.langhort.com information such as referral URLs, user names (also encoded in Base64), and the geographic location of the user’s device (country, city, county, and zip code).

McAfee’s blog post suggests the authors’ motivation is financial gain. Since the extensions do what they’re supposed to, the underlying technical deceit is less noticeable to uninitiated consumers.

5 Malicious Chrome Extensions Discovered By Mcafee
5 Malicious Chrome Extensions Discovered By Mcafee

Chrome has a 65.12% market share and 188,620 extensions, making it the most used web browser. The following table describes the five harmful extensions recently deleted from the Chrome extension store. Now is the moment to remove them from your browser if you haven’t already done so.

Extension Name: Overt Purpose: Downloads

  1. Netflix Party: Concurrent streaming: 800,000
  2. Netflix Party 2: Concurrent streaming: 300,000
  3. FlipShope–Price Tracker Extension: Coupon discovers and auto application: 80,000
  4. Full Page Screenshot Capture–Screenshotting: Web page screenshots: 200,000
  5. AutoBuy Flash Sales: Identify and grab offers: 20,000