Third-party Chrome extensions exposed for recording and selling private information - vulnerability warning - the black bar safety net

2015-11-26T00:00:00
ID MYHACK58:62201569411
Type myhack58
Reporter Anonymous
Modified 2015-11-26T00:00:00

Description

The Swedish security firm Detectify Labs says that some Chrome extensions track the user's browsing history, and that the tracked data even includes private Facebook Connect access tokens and links to private Dropbox and Google Drive files.

Wide-ranging impact, and the outlook is not optimistic

Detectify Labs security researchers say these extensions start tracking the user's browsing history without the user's consent, and some of the tracking functions are even turned on by default. Some of this is hidden in the privacy agreement. The researchers found that the extensions not only track the user's browsing history, but that the tracked data also includes private Facebook Connect access tokens and links to private Dropbox and Google Drive files.

Detectify Labs revealed that many popular extensions track their users, including HoverZoom, SpeakIt, ProxFlow, Instant Translate, FB Color Changer, SafeBrowse, JavaScript Error Notifier and SuperBlock AdBlocker.

Analytics providers collect this online behavior to support the data they supply, but obtaining it through Chrome extensions is clearly on the edge of criminality. The private data held by these analytics providers also clearly carries a certain danger: if it were used in a malicious attack, the impact on the targets could be great.

Private information is sold

Detectify Labs security researchers analyzed these Chrome extensions and found that they can update themselves. Even when an extension appears on the surface to be no longer updated, the analytics company can still upgrade the tracking code and add new features, even after the extension's original author has terminated the project. The researchers also said that analyzing these extensions is not easy, because the part of each extension that monitors the user runs independently.
While studying the extensions, the researchers analyzed the purpose of the malicious authors and said: “A malicious program author's real purpose may be to obtain financial gain.” Detectify Labs security experts Linus Särud and Frans Rosén said: “On a forum related to Chrome extensions, we saw someone selling this tracking information priced at $0.04 per user/month. If you get the data of tens of thousands or millions of users, then each month you can get very considerable revenue.”
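
To check which installed extensions are in a position to see every visited URL (the access the article describes), a defender can audit each extension's manifest. The script below is an added example, not code from the article or from Detectify Labs. It reads the standard Chrome `manifest.json` fields, assumes the on-disk layout `<extension id>/<version>/manifest.json` under the directory it is given, and uses constructed sample manifests and names.

```python
import json
from pathlib import Path

# Permissions that expose visited URLs or stored history to the extension.
HISTORY_APIS = {"tabs", "history", "webNavigation"}
# Match patterns that cover every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def audit_manifest(manifest):
    """List the ways an extension's manifest lets it observe visited URLs."""
    perms = set()
    for key in ("permissions", "optional_permissions", "host_permissions"):
        perms.update(p for p in manifest.get(key, []) if isinstance(p, str))
    script_hosts = set()
    for script in manifest.get("content_scripts", []):
        script_hosts.update(script.get("matches", []))
    reasons = [f"permission:{p}" for p in sorted(perms & HISTORY_APIS)]
    reasons += [f"host:{h}" for h in sorted(perms & BROAD_HOSTS)]
    reasons += [f"content_script:{h}" for h in sorted(script_hosts & BROAD_HOSTS)]
    return reasons


def audit_dir(extensions_dir):
    """Audit <extensions_dir>/<extension id>/<version>/manifest.json files."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        reasons = audit_manifest(manifest)
        if reasons:
            report[path.parent.parent.name] = reasons
    return report


# Constructed sample manifests (not taken from any real extension).
SAMPLE_TRACKER = {
    "name": "Example Zoom Helper",
    "permissions": ["tabs", "storage", "<all_urls>"],
    "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}],
}
SAMPLE_NARROW = {
    "name": "Example Notes",
    "permissions": ["storage", "https://notes.example.com/*"],
}

if __name__ == "__main__":
    for sample in (SAMPLE_TRACKER, SAMPLE_NARROW):
        print(sample["name"], audit_manifest(sample) or "no broad URL access")
```

A non-empty result means the extension is able to observe browsing, not that it does track; it marks which extensions deserve a closer look or removal.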