Get the latest tech news
Browser extensions turn nearly 1 million browsers into website-scraping bots
Extensions load unknown sites into invisible Windows. What could go wrong?
Extensions installed on almost 1 million devices have been overriding key security protections to turn browsers into engines that scrape websites on behalf of a paid service, a researcher said. Besides the privacy erosions, the websocket also injects a hidden iframe into the page the user is currently viewing that connects to a list of websites specified by the Amazon Web Services server. Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.
Or read this on ArsTechnica