Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
Experts have investigated several malicious extensions in google chrome and discovered 5 extensions with a total install base of over 1,400,000 which are highly malicious.
The extensions offer various functions such as enabling users to watch Netflix shows, shares website coupons, and allows taking screenshots of a website. Apart from offering the access to Netflix, the extensions also track the user’s browsing activity. Every website visited is sent to servers owned by the extension owner. They do this so that they can insert code into eCommerce websites being visited. This action modifies the cookies on the site so that the extension owner receive affiliate payment for any items purchased.
The users of the extensions are unaware of this functionality and the privacy risk of every site being visited being sent to the servers of the extension authors.
The 5 extensions are:
| Name | Extension ID | Users |
| Netflix Party | mmnbenehknklpbendgmgngeaignppnbe | 800,000 |
| Netflix Party 2 | flijfnhifgdcbhglkneplegafminjnhn | 300,000 |
| FlipShope – Price Tracker Extension | adikhbfjdbjkhelbdnffogkobkekkkej | 80,000 |
| Full Page Screenshot Capture – Screenshotting | pojgkmkfincpdkdgjepkmdekcahmckjp | 200,000 |
| AutoBuy Flash Sales | gbnahglfafmhaehbdmjedfhdmimjcbed | 20,000 |
SOVA: Android Malware that can swipe your Bank account
LCMHS hospital suffered a Ransomware attack at Louisiana hospital that impacted 270,000 patients
