Netflix Party has 800,000 downloads, Netflix Party 2 has 300,000 downloads, Full Page Screenshot Capture Screenshotting has 200,000 downloads, FlipShope Price Tracker Extension has 80,000 downloads, and AutoBuy Flash Sales has 20,000 downloads, according to the NCC-CSIRT.
The NCC-CSIRT stated in a statement that the five chrome extensions identified have a high probability and damage potential, have been downloaded more than 1.4 million times, and are used to steal users’ data. The telecom cybersecurity protection team warned telecom customers to be cautious when installing any browser extension.
According to the advisory, users are frequently unaware of these chrome extensions’ invasive functionality and privacy risk. “Malicious extensions monitor victims’ visits to e-commerce websites and modify the visitor’s cookie to make it appear as if they came through a referrer link,” it said. As a result, the developers of the extensions receive an affiliate fee for any purchases made at electronic stores.”
Although the Google team removed several browser extensions from its Chrome Web Store, the advisory stated that keeping malicious extensions out may be difficult. As a result, the NCC-CSIRT advised telecom customers to exercise caution when installing any browser extension.
“This includes manually removing all listed extensions from their Chrome browser.” Before installing a browser extension, users should pay close attention to the prompts, such as the permission to run on any website visited and the data requested.
Although some extensions appear to be legitimate, due to a large number of user downloads, these dangerous add-ons make it critical for users to verify the authenticity of extensions they access,” the advisory continued.