Namoi Brockwell - the woman is pure gold and she hits the bullseye yet again with an excellent video regarding the many dangers of browser extensions (my articles on the subject here and here)
DON’T Install That Extension!
You installed them to make life easier. But some browser extensions are doing a lot more than blocking ads or autofilling passwords.
They’re reading every keystroke. Tracking every site. Harvesting your data-and in some cases, handing it over to foreign governments or draining your crypto wallets.
In this video, we expose the chilling truth about browser extensions.
You’ll see real-world cases of extensions that were hacked, sold, or designed from the start to exploit users.
And we’ll break down why just checking permissions isn’t enough-because malicious extensions often ask for the same permissions as the good ones. It’s not about what they ask for. It’s how they use it.
ps: has anyone noticed the add-on spam on AMO???
virtually every day there are batches of extensions being consecutively added to AMO, all by the same person or entity and all of which share several commonalities:
- they all use the default puzzle-piece icon
- they all have 0 users at the time of release and often at least several days thereafter
- there are no detailed descriptions of what the ext. does
- the developer user names are often similar per batch, such as all lower case or of a particular theme
- they all joined AMO the day the extension was released or the day prior
- they all have only 1 extension
- the extensions are usually rather trivial in nature
- sometimes the stated purpose of the extension is entirely different than what it actually does
i’ve not yet found any malware in the ones i looked at, but the obvious fact that they are all from the same entity and are flooding AMO with this garbage is very suspicious - contacting Mozilla has proven pointless … crickets
the sorting method i use makes them very easy to spot - note that they are uploaded to AMO in quick succession and so often each ext. in each batch shows up consecutively as here …
