
Personal data peddled by browser plug-ins

Eight catastrophically leaky browser extensions were discovered by researcher Sam Jadali, according to FeedSpot.

Together with Washington Post columnist Geoffrey A. Fowler, he uncovered a disastrous privacy situation, dubbed DataSpii, affecting browser add-ons or plug-ins (extensions) that make browsing better by finding coupons or remembering passwords.

Those extensions, offered up on stores run by Chrome and Firefox and therefore presumably legit, are also watching every click and then putting it all up for sale.

Jadali found that the extensions were leaking, in near real-time, personal, sensitive data on the websites we’re browsing, primarily on Chrome, but also on Firefox. The leaked data included the following types of personal and corporate data:

Personal data: personal interests, tax returns, GPS location, travel itineraries, gender, genealogy, usernames, passwords, credit card information, genetic profiles.

Corporate data: company memos, employee tasks, API keys, proprietary source code, LAN environment data, firewall access codes, proprietary secrets, operational material and zero-day vulnerabilities.

According to Ars Technica, the leak involved data from more than four million users. The extensions collected “the URLs, webpage titles, and in some cases the embedded hyperlinks of every page that the browser user visited,” Ars reported.

The extensions didn’t just steal web histories: some of them also peddled those histories, publishing them through a fee-based service called Nacho Analytics that uses the tag line “See Anyone’s Analytics Account.”

The extensions:

– Hover Zoom

– SpeakIt!

– SuperZoom

– SaveFrom.net Helper

– FairShare Unlock

– PanelMeasurement

– Branded Surveys

– Panel Community Surveys

Fowler describes the data they found for sale:

I’ve watched you check in for a flight and seen your doctor refilling a prescription.

I’ve peeked inside corporate networks at reports on faulty rockets. If I wanted, I could’ve even opened a tax return you only shared with your accountant.

I found your data because it’s for sale online. Even more terrifying: It’s happening because of software you probably installed yourself.

Google decided to remove the extensions from its Chrome Web Store a day after Jadali and the Post published their stories. It also remotely disabled those extensions on the millions of computers that had them installed. Mozilla removed and disabled its one DataSpii extension in February. A week later, Nacho Analytics announced a “data outage.”

According to Ars, Nacho Analytics’ founder and CEO, Mike Roberts, announced in an email that the site would no longer accept new customers or provide new data, but that existing customers would still be able to access any data they’d previously bought. He also explained that the site had suffered a “permanent data outage” due to a third-party supplier no longer being available.

How it works

Sam Jadali says that the URL data from websites is imported directly into customers’ Google Analytics accounts. That data includes sensitive information, such as the names of medical patients who got test results from a patient care cloud platform used by medical services.

Ars offered some redacted screenshots showing data slurped from Tesla’s network and then sent to Nacho Analytics and eventually imported in Google Analytics.

According to a spokesperson from Google, the company decided to suspend multiple Analytics properties owned by Nacho Analytics for violating Google terms of service and is investigating additional accounts which could be connected or integrated with Nacho Analytics.

What to do?

Find out if DataSpii is spying on your clicks by viewing your extensions:

in Chrome, enter this URL in your browser: chrome://extensions

in Firefox, enter this URL in your browser: about:addons

If you see any of the extensions listed above, just remove them. Jadali mentioned, however, that remotely deactivating an extension did not stop the data collection process. You need to remove the extension to stop the data collection.

Moreover, Jadali advises those who used the addons to change their passwords.
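The manual check above can be scripted for Chrome. This added example (not from the article or from Jadali's research) scans a profile's Extensions folder and matches each manifest's display name against the eight names listed here. It assumes Chrome's on-disk layout of `Extensions/<id>/<version>/manifest.json`; the function names and the constructed demo tree with placeholder IDs are illustrative.

```python
import json
import tempfile
from pathlib import Path

# Names exactly as listed in the article; the page gives no extension IDs.
LISTED = {"hover zoom", "speakit!", "superzoom", "savefrom.net helper",
          "fairshare unlock", "panelmeasurement", "branded surveys",
          "panel community surveys"}

def load(path: Path) -> dict:
    return json.loads(path.read_text(encoding="utf-8-sig"))  # tolerate a BOM

def display_name(version_dir: Path) -> str:
    """Return the manifest name, resolving a __MSG_key__ placeholder if present."""
    manifest = load(version_dir / "manifest.json")
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        locale = manifest.get("default_locale", "en")
        try:
            messages = load(version_dir / "_locales" / locale / "messages.json")
        except (OSError, ValueError):
            return name  # cannot resolve; report the raw placeholder
        key = name[6:-2].lower()  # message keys are case-insensitive
        for k, v in messages.items():
            if k.lower() == key:
                return v.get("message", name)
    return name

def find_listed_extensions(extensions_dir: Path) -> list:
    """Scan <Extensions>/<id>/<version>/manifest.json; return (id, name) hits."""
    hits = []
    for manifest in sorted(extensions_dir.glob("*/*/manifest.json")):
        try:
            name = display_name(manifest.parent)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest
        if name.strip().lower() in LISTED:
            hits.append((manifest.parent.parent.name, name))
    return hits

def demo() -> list:  # scans a constructed Extensions tree with placeholder IDs
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, "placeholder-id-a", "1.0_0"), Path(tmp, "placeholder-id-b", "2.3_0")
        (a / "_locales" / "en").mkdir(parents=True)
        b.mkdir(parents=True)
        (a / "manifest.json").write_text('{"name": "__MSG_extName__", "default_locale": "en"}')
        (a / "_locales" / "en" / "messages.json").write_text('{"extName": {"message": "SuperZoom"}}')
        (b / "manifest.json").write_text('{"name": "Some Other Tool"}')
        return find_listed_extensions(Path(tmp))
```

Name matching is a heuristic, since the article lists extension names rather than IDs; pass your own profile's Extensions directory to `find_listed_extensions` to run it for real.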

Laurentiu Titei
