NPP Australia: Notifying Customers of a New PayID Leak
infosec

NPP Australia: Notifying Customers of a New PayID Leak

PayID's search function on Australia's new payment platform (NPP) has encountered problems once again. This...
Read More
infosec

Man-in-the-middle attacks: What are the most common types?

In a previous article we analyzed exactly what man-in-the-middle attacks are, how they work, how they are carried out and how we can protect ourselves against ...
Read More
infosec tweaks

Man-in-the-middle attacks: What is and how to protect yourself?

A man-in-the-middle attack presupposes three parts. The victim, the entity with which the victim is trying to communicate ...
Read More
infosec

Your keyboard can betray your passwords to hackers

Hackers are able to edit your online passwords only from the sound of your keystrokes, revealed a ...
Read More
infosec

Bluetooth vulnerability affects Apple, Qualcomm and Intel devices!

Bluetooth is used worldwide as one of the most convenient methods of connecting and controlling connected devices. However, according to ...
Read More
Latest Posts

Chrome & Firefox extensions stole millions of data

extensionsA huge leakage data was discovered by security researcher Sam Jidali and his team. The leakage came from 8's different extensions Chrome and Firefox.

The result of this leak was a personal data report of about 4 million people and information from 45 large Companies. Personal information resulted in a service called Nacho Analytics. The researchers named these extensions of Chrome and Firefox, «DataSpii ».

What kind of data leaked?

According to the researchers, the extensions gathered and displayed browsing data, such as URLs, revealing user personal information and a large catalog of large company data such as Apple, Walmart, the Amazon, 23AndMe, SpaceX, Skype, etc.

Among the sensitive personal data gathered by the DataSpii extensions were: tax returns, GPS locations, cloud services and data, attached files, credit card details, genetic profiles, history of online shopping, and medical archives.

Business data gathered from extensions includes real-time employee activity, private network structure, links built into a LAN website, API keys, source code, passwords and zero-day vulnerabilities.

What are the extensions that stole the data?

Chrome and Firefox users are the ones most affected by this leak. However, and users other Chromium-based browsers such as Opera may have been in jeopardy.

Extensions that have stolen user data are as follows:

  • Branded Surveys (Chrome)
  • FairShare Unlock (Chrome and Firefox)
  • HoverZoom (Chrome)
  • Community Surveys Panel (Chrome)
  • PanelMeasurement (Chrome)
  • net Helper (Firefox)
  • SpeakIt! (Chrome)
  • SuperZoom (Chrome and Firefox)

What steps did the Commission take? Google and Mozilla;

When the leak was known, Google and Mozilla removed or disabled extensions from users' browsers. Furthermore, are no longer available for download.

If you still see the above extensions in program your browsing experience, you can remove them yourself "by hand".

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *