Some popular browser extensions are collecting and even selling your data — including pages you visit and photos you’ve looked at.
A Washington Post investigation found numerous extensions that collect your data, but the most widely-used are Hover Zoom, SpeakIt!, SuperZoom, SaveFrom.net Helper, FairShare Unlock and PanelMeasurement. All six extensions were available on Google Chrome and two were available on Mozilla Firefox as well. All told, the extensions have a combined 4 million users.
According an investigation, all six of these extensions disclose in their terms of service or privacy policies that they may collect user data. PanelMeasurement and FairShare Unlock were the only two that specifically said that they collect browser activity data. Google and Mozilla both deactivated the suspect extensions after being contacted by the Washington Post.
While they should be removed from your browser at this point, it’s worth checking your extensions list to make sure. Each of the six culprits are meant to make browsing better:
- The Hover Zoom Chrome extension allows users to zoom in on photos or videos by simply hovering their mouse over them to enlarge.
- SpeakIt! is a Chrome extension that converts text into speech for any website. The extension works with six languages and has 1.4 million users.
- SuperZoom was an extension for both Chrome and Firefox, but Google and Mozilla removed it earlier this year.
- The SaveFrom.net helper for Firefox allows you to download files from sites like YouTube, Facebook, Vimeo, Soundcloud and more.
- FairShare Unlock was a Chrome and Firefox extension that enabled users to access premium content for free.
- The PanelMeasurement Chrome extension helped users find market research surveys. It has been deactivated by Google.
In response to these extensions collecting user data, a Google spokesperson told Digital Trends, “We want Chrome extensions to be safe and privacy-preserving, and detecting policy violations is essential to that effort. Recently, we announced technical changes to how extensions work that will mitigate or prevent this behavior, and new policies that improve user privacy.”
Google announced changes to its extensions in October, which allows users to be in control of the access that extensions have to their visited websites. Google also changed the review process for developers, which now requires more “powerful permissions.”
Mozilla is also aware of the changing security landscape, and told Digital Trends they have created a list of “Recommended Extensions”, which they said are editorially vetted, security-reviewed, and monitored for safety and privacy.
“Mozilla has blocked all of the extensions that were found to be in violation of our policies. We looked into these extensions and found them to be in violation of our Distribution Agreement and Review Policies. As a result, they have been blocked from Firefox,” said a Mozilla spokesperson.
- New malware can steal your credit card details — and it’s spreading fast
- This new Windows 11 feature will help you protect your passwords
- Spellcheckers in Google Chrome could expose your passwords
- This Microsoft Teams exploit could leave your account vulnerable
- Hackers can now sneak malware into the GIFs you share