For any help from WNCGreenBuilding

Call Us Now :

Web browsers are our digital space where we stuff our personal information and expect to be safe. The website that scrawls sensitive data is supposed to keep it protected and private but is your data completely safe?

No, not completely.

A detailed report by a cybersecurity researcher Sam Jadali explains that major security issue was discovered. He added, 8 browsers are found for the extensions of Google Chrome and Mozilla firefox who were stealing personal data from several users. The extensions are collecting a massive of personal data from web browsers and selling this data to third parties.

The leak has been so severe, that it has been termed “Catastrophic”.  The individual users are not the only victim of this data theft but there are major organizations which happen to have faced the same issues.

More or less every operating system has been affected, so it really doesn’t matter what you use. Whether you are using Windows, macOS, Chrome OS, and even Linux Distros, if you have integrated these extensions in your browsers than stay absolutely sure that they are stealing your data.

The unauthorized data stole from millions of users includes sensitive information such as medical records, financial information (credit card info), online shopping history, GPS locations, travel itineraries and more.

These extensions leaks data from 45 large-scale companies and over 4 million users to a fee-based service called “Nacho Analytics”.

These enormous data leak has been named DataSpii by Sam Jadali and his team.

What data are collected by the 8 malicious extensions?

These malicious addons gathered user’s browsing data that revealed private information of users. Apart from this several major organization’s data such as Apple, Skype, Walmart, Amazon, and SpaceX were also compromised. Any of the data collection was never authorized by any individual or any company. 

The list of Personal data leaks are listed below:

  • Credit Card Information
  • Genetic Profiles
  • Online shopping history
  • Medical Records
  • Usernames and Passwords
  • Gender specifications
  • Personal Interests
  • GPS location
  • Tax returns
  • File attachments
  • Genealogy
  • Travel Itineraries
  • Cloud services and data

The companies affected by DataSpii belong to many Fortune 500 corporations. Let’s know what kind of corporate data they have used

 

  • Private Lan network structure
  • API Keys
  • The real-time activity of employees, including corporate tasks
  • Proprietary source code
  • Company memos
  • Firewall access codes
  • Operational elements
  • Zero-day vulnerabilities
  • Proprietary secrets

 

Installation of these extensions even in your office browser can put in you in trouble because when you don’t even know what is going on, you may land up in legal affairs due to data theft. The data are basically drawn out from the browser and then it is sold to third-party companies depending on the need for a specific database.

Name Lists: Browser Extensions that stole your Data

Mainly the users of Chrome and Firefox are affected by the addons, but another chromium-browser like Opera is also affected.

 The Browser Extensions that Stole Your Data

a. Extension Name: Fairshare Unlock

Users: 1 million

Browse Vendor: Chrome and Firefox

b. Extension Name: Hover Zoom

Users: 800,000

Browse Vendor: Chrome

c. Extension Name: SpeakIt

Users: 1.4 million

Browse Vendor: Chrome

d. Extension Name: Super Zoom

Users: 329,000

Browse Vendor: Chrome and Firefox

e. Extension Name: Panel Measurement

Users: 500,000

Browse Vendor: Chrome

f. Extension Name: Panel Community Surveys

Users: 1 user

Browse Vendor: Chrome

g. Extension Name: Branded Surveys

Users: 8 user

Browse Vendor: Chrome

Many of these extensions such as FairShare Unlock or SpeakIt! Have millions of users worldwide. Lots of people are at risk because your browser could be auto-syncing extensions which means you can take the malicious files from your home computer to work computer.

How these 8 Extensions are collecting your data?

There are millions of extensions over the internet and every extension has its own terms and conditions. There are many extensions that show us the information about which data are getting collected and what are they used for while they are collecting it. But some extensions don’t bother to disclose this information.

Sam Jadali said security measures like encryption or authentication won’t be able to prevent them from collecting your data. The extensions basically use the interface functions of browser applications that do not have legit problems. But this case saw use of API maliciously.

The extensions use clever obscure techniques as 24 hrs stand by time after installation before data transfers begin so that you cannot detect any of them. Even if users analyze any problems in the extensions after installing, they won’t find any suspicious behavior because it will start its job after 1 day. These data are gathered from millions and then sold to third parties having mutual interests.

How Chrome and Firefox stopped this? 

Both Mozilla and Google have completely disabled this extension in user’s browsers and moreover, these extensions can not be downloaded now, as it has been removed the net.

This is to make sure that if the extensions are still present in your browser you can eliminate them manually. And this is a very easy task to accomplish.

What you should do if you are impacted?

  • The first step is to instantly remove the extensions from your browsers.
  • As a precautionary measure, you should change your password and even API keys if you have accessed those services through an API via  URL.
  • For the corporations, you should remove the PII, CI, and metadata such as URLs.
  • Protecting your APIs by restricting access to whitelisted IP addresses is also highly recommended for professionals and companies.

How to Remove these 8 Extensions from your Browsers?

For Chrome: Just put the URL in your browser and open it, now go to about: addons.

You would be able to see a Remove option next to the extension in question on the page.

Just click on Remove and you are safe.

For Mozilla: Enter the URL in your browser. Go to about: addons and Remove the extension in question just like you did for Chrome.

You should be Careful while Installing Browser extensions

Data hack and Cybercrime has reached a horrific level in the past few years. This kind of incident shows us that our data are vulnerable and could be hacked by any measure. No one knows what is hiding inside a good looking extension or software. Who knows, maybe the extensions are hiding malicious codes and are planning to steal your data.

Leaving your personal data in the hand of the giant companies are not enough to secure your private data and prevent it from getting hacked. You should take this seriously and change these by yourself. Before installing any browser extensions you should run a research on the extensions to know if there are any issues on the internet relating to malicious extensions.

If there is anything suspicious, something or the other will come up. Just avoid all those extensions and use legit ones.

Going forward, I want to recommend some tips or advice you could say to prevent this from happening. Just try to limit the number of extensions in your browser which will reduce the risk a little.

Wrapping Up

We have discussed the 8 malicious extensions in your Chrome and Firefox browsers and how to remove them from your browsers easily. This story has sparked a sense of security among the users to keep their personal data safe and protected. 

Just to be preventive use fewer numbers of extensions and stay protected.

Leave a Comment

Your email address will not be published. Required fields are marked *

+ 88 = 89