According to a McAfee blog post published on Monday, malicious Google Chrome extensions are affecting more than one million users. Although extensions are popular and have a range of uses, users should be wary of which extensions they are downloading. Some of these downloads are mimicking the appearance of other legitimate extensions and could put user privacy at risk. McAfee stated that the malicious extensions can redirect users to phishing sits and insert affiliate IDs into cookies on eCommerce sites.
In addition, the malicious extensions could be tracking users’ browsing activity and collecting data. The extension creator could access information that shows which sites were visited by the downloader. Then, it can insert code into eCommerce websites being visited and receive affiliate payment for items the user purchases, McAfee says. During this process, there is an implicit privacy breach to the consumer. The five malicious extensions noted by McAfee were Netflix Party, Netflix Party 2, FlipShope Price Tracker Extension, Full Page Screenshot Tracker, and AutoBuy Flash Sales. Together, these malicious extensions have 1.4 million downloads.
Read More: Malicious Google Chrome extensions affect 1.4 million users