Researchers at leading anti-scraping and IT security specialists ScrapeSentry have uncovered a sinister side effect to a free app which over a million Google Chrome users have downloaded, and which potentially leaks all of their personal information back to a single IP address in the USA.
Webpage Screenshot which is available in the Google Chrome Extension web store has now been downloaded by over 1.2 million users. The extension allows users to take a screen capture and store it. But hidden in it is a more menacing data theft capability.
Explaining how they discovered the hidden functionality, Martin Zetterlund, Founding Partner at ScrapeSentry said, “We are in the business of detecting and blocking scrapers and bots that break terms and conditions of use of our customers’ websites. We recently identified an unusual pattern of traffic to one of our client’s sites which alerted our investigators that something was very wrong.”
On further analysis, the team discovered that the Chrome extension contained malicious code that allowed for copies of all browser all your browsing data to a server in the USA. This means that all the sensitive data visible in your page title, such as e-mail if you’re using a web e-mail service, could be sent unknowingly to an IP address hosted in the USA.
Cristian Mariolini, Security Analyst, who headed up the team that found the rogue extension concluded, “The repercussions of this could be quite major for the individuals who have downloaded the extension. What happens to the personal data and the motives for wanting it sent it to the US server is anyone’s guess, but ScrapeSentry would take an educated guess it’s not going to be good news. And of course, if it’s not stopped, the plugin may, at any given time, be updated with new malicious functionality as well. We would hope Google will look into this security breach with some urgency.”
* * *
For details about how we found the leaking extension:
* * *
Notes to Editors:
ScrapeSentry was founded in 2006, and was the world’s first anti-scraping solution to be developed to protect sites from the loss of Intellectual Property and from data theft. As pioneers in the field, ScrapeSentry has worked with many global businesses, such as easyJet, Ladbrokes, and Autotrader.com to protect them from scraping and all the costs, losses of data, customers and IP as well as the potential losses in the reputational damage, that scraping involves. ScrapeSentry has offices in Stockholm, Sweden London, UK and Boston USA.
Scraping (also known as web scraping, screen scraping or data scraping) is where large amounts of data from a web site is copied manually or with a script or program. Scrapers might be copying data to populate their own site, or to pretend to be you to customers, or to ensure they price match or better. Whatever their motive and final use for your data, web scrapers are likely to be competing for your customers. Scraping can also have the unintended (or sometimes the intended) consequence of also slowing access to the scraped site and to customers being unable to complete transactions, so that they abandon the site and go elsewhere