A Million Chrome Users Sent Nasty IP Addresses

A team of security researchers have found malware in a popular Chrome extension, which may have sent the browsing data of over 1.2 million users to a single IP address.

ScrapeSentry has accredited its researchers after they uncovered a "sinister side-effect to a free app which potentially leaks users' personal information back to a single IP address in the US."

Martin Zetterlund, one of the founders of ScrapeSentury, analysed the dodgy Chrome extension last week and submitted its findings to Google. The offending malware, known as Webpage Screenshot, was removed on Tuesday.

In a statement Zetterlund said: "We recently identified an unusual pattern of traffic to one of our client's sites which alerted our investigators that something was very wrong."

He added: "Everything downloaded from the internet needs to be treated with suspicion, it's a good idea to look what others have to say about programs and extensions first if you don't have the knowledge to pick them apart yourself."

The Scrape Sentury analyst that headed up the team that found the malware added: "The repercussions of this could be major for the individuals who have downloaded the extension. What happens to the personal data and the motives for wanting it sent it to the US server is anyone's guess, but ScrapeSentry would take an educated guess it's not going to be good news."

"And of course, if it's not stopped, the plug-in may, at any given time, be updated with new malicious functionality as well. We would hope Google will look into this security breach with some urgency," he added.

A spokesman for Webpage Screenshot said there was nothing malicious about the data it gathered, and instead, was used to understand who the extension's users were and where they were located to help drive development of the code.

He added: "Users could opt out of sharing data."

print this article

Return to internet news headlines
View Internet News Archive

Share with: