Have you heard of DataSpii? When your browser extensions know too much

Diego Germán González

4 minutes

Have you heard of DataSpii? is the collection of data by the extensions

The Nacho Analitycs web traffic information site receives information collected by browser extensions.

Have you heard of DataSpii? In a few words, is the collection of your browsing habits, passwords and other sensitive dataI know what they do some extensions of your browser That information ends up, in many cases, in the hands of companies that market the data.

Worst of all, this form of privacy violation It is the result of the laziness of browser developers and website designers. They are what allow those behind the extensions to get a few extra euros by selling our information.

Have you heard of DataSpii? Why should we have done it

DataSpii is a veritable hole in user privacy that is widely proven. However, not enough measures have been taken to protect users.

Most of us we use the web browser for tasks that require confidentiality; make medical appointments, do operations in a bank, interact with work teams on delicate projects and, why not admit it, watch movies that our mother would not approve of. What at least four million users of certain Chrome and Firefox extensions did not know is that aCertain extensions of your browser collected the URLs, web page titles and, in some cases, embedded hyperlinks of all the pages that the browser user visited. That information was shared with a site called Nacho Analytic, a company that provides information about Internet traffic in exchange for payment.

Among the information collected were links that instead of leading to password-protected sites used tokens (groups of random characters that were difficult to predict). By knowing the link you can access the site without problems.

Here are some examples of the information that could be accessed:

  • Home and business surveillance videos hosted in the cloud of security companies.
  •  Tax declarations, billing information, commercial documents and presentation slides hosted on Microsoft OneDrive, Intuit.com, and other online services. 
  • Car identification numbers recently purchased, along with the buyers' names and addresses. 
  •  The names of the patients and data on the doctors who visited on online shift platforms.
  • Travel itineraries housed in Priceline, Booking.com and airline websites .
  •  Facebook attachments Messenger and Facebook photos, even when the photos were set to be private.

Even in those cases in which the links did not allow access without a password, there were many that included sensitive information.

This is how the problem was discovered

The person to raise the alarm about what was happening was Sam Jadali, creator of a hosting service. Jadali discovered that Nacho Analitics, a company that provides information on web traffic, included links from one of your company's clients in your reports of hosting. Those links led to private forum conversations. Those conversations should only be accessible only to the sender and recipient. After reviewing more than 200 extensions, he found several that were uploading the browsing history to external servers.

The term DataSpii arose from putting together the words personal, identifiable data, spy, and information.

To determine which were the extensions that were guilty of sending their clients' data to Nacho Analitics, Jadali did the following tests:

  • You set up a fresh install of Windows and Chrome, and then used the security tool Burp Suite and extension FoxyProxy Chrome to observe how it behavedn suspicious extensions.
  • In that installation he also tested browser extensions for Firefox and installed virtual machines running macOS and Ubuntu.

From the tests he did, the list of suspects emerged:

  •  fair share Unlock: a Chrome and Firefox extension to access premium content from that site for free.
  • SpeakIt!: an extension for Chrome that reads texts.
  • Hover Zoom: a Chrome extension to allow enlarging images.
  • Panel Measurement: A Chrome extension to find market research.
  • SuperZoom: Another extension to enlarge images, available in this case for Chrome or Firefox.
  • SaveFrom.net helpr: Extension for Firefox that facilitates the download of content.
  • Branded Surveys: This extension oroffers the possibility of receiving cash and other prizes in exchange for completing online surveys. 
  • Panel Community Surveys: Otra application that offers rewards for answering surveys online. 

Did you notice the pattern? Many of these extensions either allow free access to paid services or promise to make money easily.

Although both Firefox and Chrome remove the reported extensions, itThese can be downloaded many times from the developers' website, on the other hand, already installed extensions are not disabled.

It is advisable tHave two browsers installed. One for sensitive information, if possible without extensions, and another with the extensions that you want and that you should never use to transmit and receive sensitive information


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.