Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations. See how we sustain our work & review products.
Are Your Browser Add-ons Spying on You?

Are Your Browser Add-ons Spying on You?

By Tamás Ő.Tamás Ő. Verified by Adam B.Adam B. Last updated: July 22, 2024 (0)

The internet browser is one of the most basic assets of any netizen, yet many of us overlook its importance. If you think about it, a browser is like a Swiss Army Knife since it can be fitted with any number of useful add-ons of your choosing. However, the extra level of convenience that is offered by such extensions could hide serious security risks as hackers are skilled at exploiting even the smallest weak points in any system.

Covering your browser with add-ons the same way you decorate a Christmas tree will only increase the risk of being infested with malware, since there is a higher chance of installing an online tool that is outdated or poorly protected. And worst of all is the fact that even privacy-focused extensions – such as those of password managers or VPNs – are a liability for your system.

Horror stories of faulty add-ons

Add-on exploits happen with an alarmingly high frequency and even high-profile software isn’t safe from them. Here is a brief list of victims from over the years.

Grammarly

During the first week of February 2017, Grammarly’s popular auto-correcting browser extensionentered the spotlight after exchanging authentication tokens with third-party websites. These leaked credentials could allow others to steal your identity and then log into Grammarly with your account and access your documents, history, or logs. The severity of this exploit was quickly remedied, but it’s not known how many people were affected from the 22 million user base.

Keeper

A password management add-on that works in favor of a hacker can be a true nightmare, but this is exactly what happened with Keeper, password management software that comes as default with Windows 10 systems. Malicious individuals have found a way to fool the browser extension into handing over personal credentials when used on an infected site. Since the software is a vault of personal information for other accounts, this security flaw effectively compromises a person’s entire online life. After the initial reports, the issue was fixed within 24 hours.

Hola

Not all security exploit happens by accident. The popular browser-based VPN Hola was a favorite for years until its shady practices were unveiled in 2015. First of all, the service is a VPN in name only. Although the tool could help circumvent geo-restrictions, it also reroutes traffic through someone else’s connection that is also using Hola, failing to add any form of encryption. But most importantly, this so-called ‘VPN’ also logs user data and sells it to third-party companies. So much for a zero-log policy…

Browser Safety Icon

Google Chrome

It’s worth noting that sometimes the platform itself serves as a source for infestation. Browsers often fail to properly vet the hundreds of freshly submitted add-ons, which can lead to an epidemic of malware-ridden extensions. In the past Chrome was heavily criticized for overlooking a flaw in an update that allowed plug-ins on the marketplace that could eavesdrop through your microphone.

Outdated add-ons invite trouble

The reason hackers and data thieves favor focusing on browser extensions so much is because the add-ons operate under different rules than software that runs directly from the desktop. If you have a password management tool installed on your system, then it’s impossible to crack it even if it has certain online features. Add-ons, on the other hand, must factor in the faulty coding of the platform too. Implementing a new feature or changing a function in the browser influences all the installed extensions, and this domino effect often produces small but significant loopholes. Fixing the issue could well be a walk in the park but it requires someone to spot and report the security weakness beforehand.

Secure Password Management

If you wish to avoid becoming a victim, then be sure to keep all your add-ons up to date. In addition, double check the reputation of each extension before installation to prevent the any shady malware from making it onto your computer. This is especially true for free VPN services, antivirus software and password management tools, since hackers love to disguise their virus as a preventive measure. Also be sure to get rid of any add-ons that you don’t use anymore, as well as those that have been abandoned by their developers.

What other software will protect me?

Password management software can help you store login credentials safely, but only if you use the desktop version. Those who rely on browser-based password managers should stay away from the autofill function because this ease of use goes hand in hand with the degradation of your security. As for VPNs, we can’t recommend them enough; besides the military-grade encryption and geo-unblocking functionality that they offer, they often include features to prevent DNS and WebRTC leaks. The latter in particular plays an especially significant role in preventing the exposure of your IP in JavaScript, a programming language used by all browsers.


Best VPN services of 2024

Editor's choice 2024
NordVPN logo
Editor's rating:
(4.5)
Intuitive multiplatform apps
Double VPN and P2P support
Plenty of security features
Large VPN network with consistent speeds
Security
Surfshark logo
Editor's rating:
(4)
Intuitive multiplatform apps
Double VPN
WireGuard protocol
Outstanding device support
Multi-device users
IPVanish logo
Editor's rating:
(4.5)
Unlimited devices
No-log policy
24/7 support
Reliable security tools
Gaming
ExpressVPN logo
Editor's rating:
(4)
Extensive device support
Exceptional speed
Intuitive apps
Convenient extras
Traveling
CyberGhost VPN logo
Editor's rating:
(4.5)
Suitable for all VPN users
Great security features
Seven simultaneous connections
24/7 customer support
Streaming
ZoogVPN logo
Editor's rating:
(4.5)
24/7 customer service
Competitive price
Good connection speed
Based in Greece
Torrenting
Private Internet Access logo
Editor's rating:
(4.5)
Unlimited devices
DNS leak protection
Suitable for all users
Completely customizable
Beginners
TunnelBear logo
Editor's rating:
(4)
Very easy and fun to use
Kill switch and traffic obfuscato
Browser extensions and Chrome blocker
Good speeds
User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us