EXPERTS have warned that half of Chrome extensions pose a security risk.
Extensions are tools you can download to enhance your internet experience but some have been found harbouring viruses and other worrying bugs over the years.
1
A group of researchers analysed more than 1,200 Google Chrome browser extensions to find out what they get up to under the hood and they made some alarming discoveries.
“Our research shows that one in two Chrome extensions are poised to wreak havoc on your digital privacy and security,” Incogni claims.
Their investigation also found that one four Chrome extensions collect data as well.
They warned that some of them have access to “virtually everything” you do while browsing the internet, including every key you press.
“If an extension like this was to turn malicious or get compromised, a bad actor could spy on your every move and steal your login and payment details from any site you visit,” the experts warn.
“These are the highest risk impact extensions.”
But high risk doesn’t necessarily mean the makers of the extension will do something bad.
Some are made by companies with a good track record of keeping user data safe, so although the access they have is a high risk impact they carry a low risk likelihood of being used with malicious intent.
Most read in Tech
On the flip side, the experts say some “fly-by-night” developers may have a questionable background but don’t ask for suspicious permissions, making them a high risk likelihood but low risk impact of actually being able to do something bad.
“Some extensions truly can’t function without certain permissions, even scary ones like clipboard read and browsing data,” Incogni continues.
“This is why it’s important to only use extensions from trusted developers.
“A trusted developer is one with a history of problem-free software development and high user ratings.
“Seeking out trusted developers is neither easy nor foolproof, though.
“A previously above-board developer can turn bad actor, reviews can be bought or faked, and extensions can be compromised through no fault of the developer.
“Doppelganger extensions also complicate things.
“You might think you’re installing a tried, tested, and trusted extension when really it’s a malicious counterfeit.
“These are easy to fall for if you’re not very careful to match the extension and developer names exactly.”
They found that shopping extensions collect the most amount of data and also carry the highest average risk impact by category.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
