Cybersecurity researcher Sam Jadali has discovered that eight different Chrome and Firefox browser extensions have been harvesting the data of around 44 major companies and over 4 million users without their knowledge.
According to Jadali, the extensions, which he termed “DataSpii,” steal the URLs, webpage titles, and embedded hyperlinks of every page a user visits. Jadali and his team also discovered that most of the collected web histories were then published by a fee-based service called Nacho Analytics.
Aside from web histories, sensitive information, including medical records, GPS locations, cloud data, file attachments, and credit card information, has also been collected by these add-ons. Major companies such as Apple, Amazon, Skype, and Walmart are among those affected by the breach.
“Nobody is immune to this,” Jadali explained. “Even if you don’t have any harmful extensions, the other people you interact with may have an extension on their computers that could be leaking the data you share with them,” he added.
Google and Mozilla were quick to react to the report by removing the extensions or disabling them in people’s browsers.
In an interview with The Sun, a Mozilla spokesperson said the company has already blocked all the extensions that violated its policies. “We looked into these extensions and found them to be in violation of our Distribution Agreement and Review Policies. As a result, they have been blocked from Firefox,” the spokesperson explained. “We are aware of the changing security landscape and as such have created a list of Recommended Extensions, which are editorially vetted, security-reviewed, and monitored for safety and privacy by Mozilla,” he added.
The web browser giant also revealed it is now investing in security mitigations and product features that will help users report problematic extensions more easily.
When asked by the same UK-based newspaper, a Google spokesperson mirrored the same plan of action, saying: “We want Chrome extensions to be safe and privacy-preserving, and detecting policy violations is essential to that effort. Recently, we announced technical changes to how extensions work that will mitigate or prevent this behaviour, and new policies that improve user privacy.”
According to Jadali, the eight browser extensions responsible for the data collection are Branded Surveys, FairShare Unlock, HoverZoom, Panel Community Surveys, PanelMeasurement, SaveFrom.net Helper, SpeakIt!, and SuperZoom.
Although all eight may no longer pose a threat and are no longer available for download, security experts still urge users to review all their browser extensions to protect their safety and privacy.