
Personal data peddled by browser plug-ins

Eight catastrophically leaky browser extensions were discovered by researcher Sam Jadali, according to FeedSpot.

Together with Washington Post columnist Geoffrey A. Fowler, Jadali uncovered a disastrous privacy situation, dubbed DataSpii, involving browser add-ons or plug-ins (extensions) that make browsing better by finding coupons or remembering passwords.

Those extensions, offered up on stores run by Chrome and Firefox and therefore presumably legit, are also watching every click and then putting it all up for sale.

Jadali found that the extensions were leaking, in near real-time, personal, sensitive data on the websites we’re browsing, primarily on Chrome, but also on Firefox. The leaked data included the following types of personal and corporate data:

Personal data: personal interests, tax returns, GPS location, travel itineraries, gender, genealogy, usernames, passwords, credit card information, genetic profiles.

Corporate data: company memos, employee tasks, API keys, proprietary source code, LAN environment data, firewall access codes, proprietary secrets, operational material and zero-day vulnerabilities.

According to Ars Technica, the data came from more than four million users. The extensions collected “the URLs, webpage titles, and in some cases the embedded hyperlinks of every page that the browser user visited,” Ars reported.

The extensions didn’t just steal web histories: some of them peddled those histories, publishing them through a fee-based service called Nacho Analytics that uses the tag line “See Anyone’s Analytics Account.”

The extensions:

– Hover Zoom

– SpeakIt!

– SuperZoom

– SaveFrom.net Helper

– FairShare Unlock

– PanelMeasurement

– Branded Surveys

– Panel Community Surveys

Fowler describes the data they found for sale:

I’ve watched you check in for a flight and seen your doctor refilling a prescription.

I’ve peeked inside corporate networks at reports on faulty rockets. If I wanted, I could’ve even opened a tax return you only shared with your accountant.

I found your data because it’s for sale online. Even more terrifying: It’s happening because of software you probably installed yourself.

Google decided to remove extensions from its Chrome Web Store a day after Jadali and the Post published their stories. It also remotely disabled those extensions on the millions of computers that had them installed. Mozilla removed and disabled its one DataSpii extension in February. A week later, Nacho Analytics announced a “data outage.”

According to Ars, Nacho Analytics’ founder and CEO, Mike Roberts, announced in an email that the site would no longer accept new customers or provide new data, but that existing customers would still be able to access any data they’d previously bought. He also explained that the site had suffered a “permanent data outage” due to a third-party supplier no longer being available.

How it works

Sam Jadali says that the URL data from websites is imported directly into customers’ Google Analytics accounts, and that this data includes sensitive information, such as names of medical patients who got test results from a patient care cloud platform used by medical services.

Ars offered some redacted screenshots showing data slurped from Tesla’s network and then sent to Nacho Analytics and eventually imported in Google Analytics.

According to a spokesperson from Google, the company decided to suspend multiple Analytics properties owned by Nacho Analytics for violating Google terms of service and is investigating additional accounts which could be connected or integrated with Nacho Analytics.

What to do?

Find out if DataSpii is spying on your clicks by viewing your extensions:

in Chrome, enter this URL in your browser: chrome://extensions

in Firefox, enter this URL in your browser: about:addons

If you see any of the extensions listed above, just remove them. Jadali mentioned that remotely deactivating an extension did not stop the data collection process. You need to remove the extension to stop the data collection.

Moreover, Jadali advises those who used the addons to change their passwords.
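
The check above can also be run against the files on disk, which finds listed extensions that are still installed even if they have been remotely disabled. The following Python script is an added example, not from the original article or from Jadali's research. It assumes the Linux default Chrome profile path and matches on display name, because the article gives no extension IDs.

```python
import json
from pathlib import Path

# Display names from the article's list, compared case-insensitively.
DATASPII_NAMES = {
    "hover zoom", "speakit!", "superzoom", "savefrom.net helper",
    "fairshare unlock", "panelmeasurement", "branded surveys",
    "panel community surveys",
}

def resolve_name(version_dir: Path, manifest: dict) -> str:
    """Return the display name, resolving Chrome's __MSG_key__ placeholders."""
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].lower()
        locale = manifest.get("default_locale", "en")
        messages_file = version_dir / "_locales" / locale / "messages.json"
        try:
            messages = json.loads(messages_file.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            return name  # unreadable locale file: keep the raw placeholder
        for msg_key, entry in messages.items():
            if msg_key.lower() == key:  # message keys are case-insensitive
                return entry.get("message", name)
    return name

def find_dataspii(extensions_dir: Path) -> list:
    """Scan <profile>/Extensions/<id>/<version>/manifest.json for listed names."""
    hits = []
    for manifest_path in sorted(extensions_dir.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # skip manifests that cannot be read or parsed
        name = resolve_name(manifest_path.parent, manifest)
        if name.strip().lower() in DATASPII_NAMES:
            ext_id = manifest_path.parent.parent.name
            hits.append((ext_id, name, manifest.get("version", "?")))
    return hits

if __name__ == "__main__":
    # Assumed default profile location on Linux; adjust for your OS and profile.
    default = Path.home() / ".config/google-chrome/Default/Extensions"
    for ext_id, name, version in find_dataspii(default):
        print(f"REMOVE: {name} {version} (id {ext_id})")
```

A name match is a lead to confirm in chrome://extensions, since unrelated extensions can share a display name.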

Laurentiu Titei
