8 Browser Extensions You Should Have Removed Now Because of DataSpii

By | April 6, 2022

A major security issue has been found in a number of browser extensions for Firefox and Chrome. This browser extension is harvesting your data, and you should delete it immediately.

The extension collects large amounts of highly personal data from people’s web browsers, and sells this data to third parties. The leak was so serious that it was called a “major disaster,” and it affected both companies and individuals.

Browser Extensions You Need To Uninstall

Extensions affected by this vulnerability are available for Chrome and Firefox, as well as Chromium-based browsers such as Opera and Yandex Browser. And it doesn’t matter what operating system you are using.

Whether you’re using Windows, macOS, Chrome OS, or even a Linux distribution like Ubuntu. If you have these extensions installed in your browser, they ARE stealing your data.

The affected Firefox extensions are as follows:

  • SaveFrom.net Helper
  • FairShare Unlock
  • SuperZoom

And the affected Chrome extensions include the same two, plus a few others:

  • FairShare Unlock
  • SuperZoom
  • Hover Zoom
  • SpeakIt!
  • PanelMeasurement
  • Branded Surveys
  • Community Survey Panel

Of these, both SpeakIt! and FairShare Unlock has more than one million users worldwide. So there are a lot of people who are at risk from this security vulnerability.

We recommend checking if your browser can sync your extensions too. For example, if you enable sync on Google Chrome, your extensions might be mirrored among all the machines you use. This means the infection can spread from your home computer to your office computer.

What data does this extension collect

The sheer volume and variety of data that is prone to this problem is daunting. If you install one of these extensions on your browser, they may collect information about you such as:

  • Username
  • Password
  • Credit Card Information
  • Gender
  • Personal interests
  • GPS Location
  • Tax refund
  • travel itinerary
  • Family tree
  • Genetic profile

If you install extensions on computers at your workplace, they may also collect information about your company, including company memos, firewall access codes, API keys, and more.

Thanks For Visit

This information is hoovered by the browser extension. These are then sold by companies that specialize in data analysis.

How Extensions Work Collecting Your Data

Some of the extensions that collect data mention what they do in their terms and conditions. In the small print sometimes there is a warning that the extension will collect browsing data.

However, most of the users do not read the terms and conditions. And it’s unlikely they would agree to give up so much of their data if they found out.

Sam Jadali, the security researcher who discovered the data leak, named it “DataSpii”. Even security measures such as authentication or encryption cannot prevent this problem. It works by using browser application interface (API) functions which do have legitimate uses. But in this case the API functions are used maliciously.

To avoid detection, the extension uses clever obfuscation techniques such as waiting 24 hours after installation before siphoning data begins. This means that even if users check the extension carefully after installing it, they will not encounter any malicious behavior as it will not start until a day later.

Furthermore, even if the user uninstalls the extension, their data will still be held by the extension and may be sold to third parties.

What Source of Information Is This Extension Leaking

The primary source of information this extension collects is via shared links. For example, you set up a Skype meeting. You will email the info to the person you wish to meet. Then they click the info to join your meeting.

If you have one of these browser extensions installed, it can bypass that info. When you open a info in your web browser, the extension can see your actions. The extension can even eavesdrop on your meetings. The same can happen with other conferencing software like Zoom.

Another scary source of data leaks are ancestral sites like 23andMe. When you are given a 23andMe report on your DNA, the company sends you a info that allows you to share your results with friends and family. If you click on this info then the browser extension can intercept this page as well, gathering information about your family DNA and even biomedical data like your muscle composition.

Similar data leaks can occur in all kinds of other situations, such as when you visit your Apple iCloud account, when you place an order with Apple.com, or when you use the web interface for video surveillance of your Nest. If you use an online accounting service like Quickbooks then the extension can collect data about your taxes as well.

Why It’s Hard to Protect Against This Data Leak

Since extensions can spy on users through the use of shared links, a single person with a compromised browser could inadvertently harm their friends, family and colleagues.

This makes it very difficult for companies and individuals to protect against this kind of data leak. If someone you know has installed one of these extensions and they share a info or Skype call with you, your data could be compromised even if you never installed the extension yourself.

“Even the most responsible individuals proved vulnerable to DataSpii; with vast budgets and myriad experts on hand, even the largest cybersecurity corporations proved vulnerable to DataSpii. Our data is only as secure as those with whom we entrust it.”

Thanks For Visit

Category: