- Avast Online Security
- AVG Online Security
- Avast SafePrice
- AVG SafePrice
Why? Because these four widely installed browser extensions have been caught collecting a lot more data on its millions of users than they are intended to, including your detailed browsing history.
Most of you might not even remember downloading and installing these extensions on your web browser, and that's likely because when users install Avast or AVG antivirus on their PCs, the software automatically installs their respective add-ons on the users' browsers.
Both online security extensions have been designed to warn users when they visit a malicious or phishing website; whereas, SafePrice extensions help online shoppers learn about best offers, price comparisons, travel deals, and discount coupons from various sites.
The malicious behaviour of Avast and AVG extensions was discovered almost a month ago by Wladimir Palant, who detailed how the extensions are sending a large amount of data about users' browsing habits, listed below, to the company's servers — "far beyond what's necessary for the extension to function."
What users' data is being sent to Avast?
- Full URL of the page you are on, including query part and anchor data,
- A unique user identifier (UID) generated by the extension for tracking,
- Page title,
- Referrer URL,
- How you landed on a page, e.g., by entering the address directly, using a bookmark or clicking a link,
- A value that tells whether you visited a page before,
- Your country code
- Browser name and its exact version number,
- Your operating system and its exact version number
"Tracking tab and window identifiers as well as your actions allows Avast to create a nearly precise reconstruction of your browsing behavior: how many tabs do you have open, what websites do you visit and when, how much time do you spend reading/watching the contents, what do you click there and when do you switch to another tab. All that is connected to a number of attributes allowing Avast to recognize you reliably, even a unique user identifier," Palant said.
Over this weekend, Palant reported his findings to both the browser makers, Mozilla, and Google, of which Mozilla took immediate action by temporarily removing the extensions from its Firefox Add-on store within 24 hours until Avast resolves the issue.
Zero Trust + Deception: Learn How to Outsmart Attackers!
Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!Save My Seat!
"This add-on violates Mozilla's add-on policy by collecting data without user disclosure or consent," Mozilla said.
Since Mozilla didn't blacklist the extensions altogether or automatically removed them from users' browsers, it should be noted that these extensions would remain active for existing users and continue spying on them.
On the other hand, all the four extensions are still available on the Google Chrome Web Store, but Palant believes they will be removed by the tech giant after "considerable news coverage."