It is a fact that we have to be extra careful nowadays when it comes to our privacy and security in this world where nothing is safe from hackers. Every day, we see at least one case where someone got robbed or their credit card information got stolen and it was charged with spends. However, we see that there is bigger scheme of things as well where a whole network is being developed by hackers to stole information from people in bulk.
One such network has just been found and this is with the help of Chrome extensions which a majority of the Chrome users must have been using or have used from time to time. Now, we are not talking about just 1 or 2 Chrome extensions but it is found out that 500 Chrome extensions were involved in this fraud. All these Chrome extensions were found to be uploading private data from millions of its users. Also, it is known that these extensions were downloaded millions of times so it is possible that the userbase might be even more.
Since you will be aware that Google Chrome extensions would require you to add some private data of yours to them, users will add the data in hope that it will not be uploaded to private servers or leaked. However, the report reveals that these extensions surreptitiously uploaded private browsing data to attacker-controlled servers. This is an illegal act because even if the private data needs to be uploaded, it can be uploaded on public servers which are protected or not uploaded at all.
It is known that the extensions were also a part of the ad-fraud and malvertising scheme which was running for a long time. Independent researcher Jamila Kaya discovered this fraud to the world. It is also known that Google has removed all these extensions after the revelation.