Security News > 2022 > August > Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users

Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users' browsing activity and profit of retail affiliate programs.

"The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website," McAfee researchers Oliver Devane and Vallabh Chole said.

The extensions are designed to load a piece of JavaScript that's responsible for keeping tabs on the websites visited and inject malicious code into e-commerce portals, letting the attackers make money through affiliate programs for purchases made by the victims.

The findings follow the discovery of 13 Chrome browser extensions in March 2022 that were caught redirecting users in the U.S., Europe, and India to phishing sites and exfiltrate sensitive information.

As of writing, three of the four extensions are still available on the web store, with Netflix Party being the only add-on to be purged.

Users of the installed extensions are recommended to manually remove them from their Chrome browser to mitigate further risks.

News URL

https://thehackernews.com/2022/08/experts-find-malicious-cookie-stuffing.html