- A
McAfee report has revealed that maliciousGoogle Chrome extensions are being used to track users and earn affiliate commission. - The company has identified five extensions with over 1.4 million downloads.
- The extensions reportedly add code when a user visits e-commerce websites, allowing the creator to earn affiliate commission.
According to the McAfee $4, the company has found five Google
According to McAfee, the Google Chrome extensions track users’ browsing activity and send a list of websites that the extension’s creator visits. Then, the extension is used to insert code into the e-commerce websites being visited, allowing the creator to receive affiliate payments from the e-commerce websites.
The extensions being used to track user’s activity and insert code are –
The users of these extensions are reportedly unaware that these extensions are being used to track their activity and insert code for affiliate commission.
“The users of the extensions are unaware of this functionality and the privacy risk of every site being visited being sent to the servers of the extension authors,” McAfee said in its blog post.
Some extensions reportedly use “time delays” to avoid detection.
“We discovered an interesting trick in a few of the extensions that would prevent malicious activity from being identified in automated analysis environments. They contained a time check before they would perform any malicious activity. This was done by checking if the current date is > 15 days from the time of installation,” McAfee added.
McAfee, in its post, has also advised users to be cautious while installing extensions on their devices and asked users to verify the permissions being requested by the extensions.
SEE ALSO:
$4
$4
Google foldable phone patent spotted, expected to launch next year>$4