Sunday, November 1, 05:34
Home security Google removes two ad blockers that collect user data

Google removes two ad blockers that collect user data

Google removed two ad blocker extensions from the official Chrome Web Store over the weekend after realizing they were stealing users' data.

Google

The two extensions are called Nano Adblocker and Nano Defender, and each had more than 50.000 and 200.000 installations, respectively, by the time they were removed.

Both have been around for over a year, but malicious code was not included in the original publications.

The data collection code was added to authorities this month, in October 2020, after the original creator sold the two extensions to “a team Turkish developers ”.

After the sale, several users, including Raymond Hill, creator of the ad blocker uBlock Origin, appeared to point out that the two extensions were modified to include malicious code.

“The extension is designed to seek [sic] specific information from your outgoing requests in network and send them to https://def.dev-nano.com ", said Hill.

After further analysis, this malicious code was exposed for collection information about users, such as:

  • User IP address
  • Country
  • Details operating system
  • URLs
  • Timestamps for web requests
  • Methods HTTP (POST, GET, HEAD, etc.)
  • Size of HTTP responses
  • HTTP status codes
  • Time dedicated to each website
  • Click on other URLs on a web page

In addition, the two Turkish developers never modified the author fields of the two extensions, leaving the original author's name in place, in what appears to have been an attempt concealment of selling and the culprit behind the malicious code.

The two Turkish developers created a page with the privacy policies where they tried to reveal the collection behavior data in an erroneous attempt to legitimize malicious code.

However, this made things easier for Google staff, as any extensive data collection is prohibited under Chrome Web Store rules.

Both extensions were removed over the weekend and turned off in users' Chrome browsers.

The versions in Firefox of Nano Adblocker and Nano Defender never contained the malicious code, as they are not part of selling and is managed by another developer.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

How to create a meeting directly from an email in Outlook

Sometimes a meeting is better than an impersonal email. See how you can create a meeting directly from an email or ...

Remote employees open suspicious emails despite security risks

Remote employees are increasingly endangering corporate data and systems, as they do not follow the security of best practices, according to ...

How can you view older versions of a site?

Wayback Machine is an online service that takes screenshots from sites, allowing its users to see what a site was like ...

The Marriott breach fine was reduced to $ 23,8 million

The fine imposed by the British security observer, at the Marriott hotel unit due to data breach, was reduced by 14,4 million £ ...

How to view changes in a Microsoft PowerPoint presentation

While Microsoft 365 subscribers can collaborate in real time on a PowerPoint presentation, some prefer to work alone ...

iPhone / iPad: How to add bookmarks to multiple tabs in Safari

Safari on iPhone and iPad has a hidden feature that allows you to add bookmarks to all open sites ...

NordPass notifies you if your data has been compromised

NordPass password manager has announced a new update, which will help users find out if their data ...

How to change Screen Saver on Android TV

Android TV may not be as customizable as an Android phone, but there is still plenty you can do to ...

USA: Co-operation needed to tackle online child abuse

The Assistant Attorney General of the United States, Beth Williams, calls on all people to take action and unite for ...

Russian hackers targeted the Democratic parties of California and Indiana

The group of Russian hackers who are accused of interfering in the 2016 presidential elections in the USA, this year are accused of targeting emails ...