Security News > 2022 > June > Google Chrome extensions can be fingerprinted to track you online
![Google Chrome extensions can be fingerprinted to track you online](/static/build/img/news/google-chrome-extensions-can-be-fingerprinted-to-track-you-online-medium.jpg)
A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online.
Yesterday, web developer 'z0ccc' shared a new fingerprinting method called 'Extension Fingerprints' that can generate a tracking hash based on a browser's installed Google Chrome extensions.
"Web accessible resources": [ ],. z0ccc discovered that you could use these web-accessible resources to check for installed extensions and generate a fingerprint of a visitor's browser based on the combination of found extensions.
While those with no extensions installed will have the same fingerprint and be less useful for tracking, those with many extensions will have a less common fingerprint that can be used to track them around the web.
To illustrate this fingerprinting method, z0ccc created an Extension Fingerprints website that will check a visitor's browser for the existence of web-accessible resources in 1,170 popular extensions available on the Google Chrome Web Store.
The Extensions Fingerprints site only works with Chromium browsers installing extensions from the Chrome Web Store.
News URL
Related news
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- Google Chrome change that weakens ad blockers begins June 3rd (source)
- Google Chrome reduced cookie requests to improve performance (source)
- New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems (source)
- Fake Google Chrome errors trick you into running malicious PowerShell scripts (source)
- Google Chrome to let Isolated Web App access sensitive USB devices (source)
- Google patches third exploited Chrome zero-day in a week (source)
- Google fixes third actively exploited Chrome zero-day in a week (source)
- Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability (source)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) (source)