NetflixParty. Malicious Google Chrome extension affects over a million

One site can hide another. In an article published online on August 29, the antivirus software publisher McAfee warned of the existence of five malicious extensions for the Google Chrome browser. To date, they have already been downloaded by more than 1.4 million users worldwide, underlines the American company.

Very popular for saving passwords, taking screenshots or watching videos with friends, these extensions are designed to make our lives easier. They can be downloaded from the Chrome Web Store, if you use Chrome, Google’s browser. Be careful, however, because some extensions are dangerous and contain malware that invades your privacy.

Netflix Party extension singled out

This extension of the Google Chrome browser allows you and your friends to watch a movie or series together and chat about it live, thanks to a chat bar. Unlike the Disney + platform and Amazon Prime, this option is not available directly on Netflix and therefore requires to be installed on your browser. But beware, two dangerous versions of Netflix Party therefore exist on Chrome, one with 300,000 installations and the other exceeding 800,000 downloads.

If the two offending versions bear the name Netflix Party, you should know that the original extension, with the same name, has been renamed Teleparty since October 2020. This extension, a priori risk-free and formerly exclusive to Netflix allows you to launch famous Watch Parties on different platforms now, including Disney +, Amazon Prime Video, Netflix, Hulu and YouTube. To date, it has convinced more than 10 million users.

The three extensions pointed out by McAfee are FlipShope, a site for browsing thousands of different offers for online shopping, downloaded more than 80,000 times. Full Page ScreenShot, a site for taking screenshots with an extension installed nearly 200,000 times, as well as Autobuy Flash Sales, for shopping and getting write-ups, downloaded 20,000 times.

Read also: Vacation rental scam, fake bank details, fraudulent codes… These summer online scams

Risky installations for your privacy

On its blog, McAfee advises its customersto be careful when installing Chrome extensions and pay attention to the permissions they ask for. And for good reason, while most pirate extensions or applications are fairly poorly referenced because they do not offer the promised features, these five extensions appear quite credible. In particular because they fulfill their role and are therefore rather well rated in the Chrome applications directory.

They all act the same way. Here, these extensions redirect users to phishing (or phishing) sites, that is to say a site that imitates another site (bank, taxes, or CAF for example) to defraud Internet users and steal their data. To do this, they insert affiliate identifiers in the cookies of e-commerce sites, in order to remunerate hackers when the user makes a purchase.

The user is therefore spied on because his online browsing is traced. For the time being, the American giant Google has already begun to remove certain extensions in question. However, you will have to uninstall them manually if you have already downloaded them.


Leave a Comment