McAfee flagged five extensions that could stream videos from Netflix to individuals and groups, could trace and apply coupons automatically and were able to take screenshots.
After some third-party researchers reported they were able to access the user’s history from the browser and could apply codes to the sites they had visited, Google removed the browser extension from the website.
Company researchers said the extension kept a running list in each visited site and took some steps when the user landed on the specific sites. These extensions sent the visited site name to the developer and designated site d.langhort.com along with a unique identifier and country, zip, and city from the country visiting through the device.
If the visited site corresponded with the eCommerce sites, the extensions were instructed to insert the JavaScript into the page visited. Extension authors would get the payment if any items would be purchased by modifying the cookies.
Some extensions were programmed to wait before collecting the data and injecting the code for 15 days so that they would not be traced. A Google spokesperson said that all five extensions were removed from the Chrome Webstore.
However, removing the extensions from the server is not as effective as uninstalling them from the 1.4 million devices that are infected. If you are amongst the people who installed these extensions, it is suggested that you inspect your browsers manually and make sure it is not running anymore.
