Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Chrome Privacy

Chrome Extensions With 1.4M Installs Covertly Track Visits and Inject Code (arstechnica.com) 7

Posted by msmash from the privacy-woes dept.
Google has removed browser extensions with more than 1.4 million downloads from the Chrome Web Store after third-party researchers reported they were surreptitiously tracking users' browsing history and inserting tracking code into specific ecommerce sites they visited. ArsTechnica: The five extensions flagged by McAfee purport to offer various services, including the ability to stream Netflix videos to groups of people, take screenshots, and automatically find and apply coupon codes. Behind the scenes, company researchers said, the extensions kept a running list of each site a user visited and took additional actions when users landed on specific sites. The extensions sent the name of each site visited to the developer-designated site d.langhort.com, along with a unique identifier and the country, city, and zip code of the visiting device. If the site visited matched a list of ecommerce sites, the developer domain instructed the extensions to insert JavaScript into the visited page. The code modified the cookies for the site so that the extension authors receive affiliate payment for any items purchased. To help keep the activity covert, some of the extensions were programmed to wait 15 days after installation before beginning the data collection and code injection.
This discussion has been archived. No new comments can be posted.

Chrome Extensions With 1.4M Installs Covertly Track Visits and Inject Code More

Chrome Extensions With 1.4M Installs Covertly Track Visits and Inject Code

Comments Filter:

Slashdot Top Deals

The truth of a proposition has nothing to do with its credibility. And vice versa.

Close