Published 8 days ago • loading... • Updated 5 days ago

Browser Extensions Turn Nearly 1 Million Browsers Into Website-Scraping Bots

Researchers discovered 245 browser extensions installed on almost one million devices that covertly convert browsers into web-scraping bots without user consent.
These extensions incorporate a JavaScript library connected to Olostep, a company that offers a robust web scraping service capable of circumventing anti-bot measures and executing as many as 100,000 simultaneous requests.
The extensions disable key security protections by stripping web headers and injecting hidden iframes, driving paid scraping operations for clients including advertisers.
Malicious extensions have been downloaded 1.7 million times, with developers receiving 55 percent of revenue and MellowTel pocketing the rest, while some flagged extensions were removed but many remain active.
Researchers warned these activities expose users to privacy and security risks, and advised removing malicious extensions, clearing browsing data, and scanning systems with antivirus software.

Insights by Ground AI

Does this summary seem wrong?

17 Articles

WhoWhatWhy

Left

Browser Extensions Turn 1M Browsers Into Website-Scraping Bots: Researcher - WhoWhatWhy

Browser Extensions Turn 1M Browsers Into Website-Scraping Bots: Researcher (Maria) The author writes, “Extensions installed on almost 1 million devices have been overriding key security protections to turn browsers into engines that scrape websites on behalf of a paid service, a researcher said. The 245 extensions, available for Chrome, Firefox, and Edge, have racked up nearly 909,000 downloads, John Tuckner of SecurityAnnex reported. … The comm…

5 days ago

Read Full Article

Tech Radar

Center

Nearly a million browsers affected by more malicious browser extensions - here's what we know

Browsers were turned into scraping bots without user consent, researchers claim.

6 days ago·United Kingdom

Read Full Article

Ars Technica

Center

Browser extensions turn nearly 1 million browsers into website-scraping bots

Extensions installed on almost 1 million devices have been overriding key security protections to turn browsers into engines that scrape websites on behalf of a paid service, a researcher said. The 245 extensions, available for Chrome, Firefox, and Edge, have racked up nearly 909,000 downloads, John Tuckner of SecurityAnnex reported. The extensions serve a wide range of purposes, including managing bookmarks and clipboards, boosting speaker volu…

6 days ago·United States

Read Full Article

Sapo

Lean Right

Useful and Verified Extensions Mislead Millions of Users in Chrome and Edge

A browser extension can be a valuable tool, but also a entrance door for privacy threats. A recent research revealed that dozens of popular and verified extensions to Chrome and...

7 days ago·Portugal

Read Full Article

The Express Tribune

Center

Malicious Google Chrome extensions might be killing your system: Find out which ones

11 malicious extensions, with a total of 1.7 million downloads, have been found on Google's Chrome Web Store, posing significant risks to users by tracking their browsing activity and potentially redirecting them to harmful websites. The discovery was made by researchers at Koi Security, a platform for security self-provisioned software, who alerted Google to the issue, and was reported first by Bleeping Computer. The malicious extensions, which…

7 days ago·Pakistan

Read Full Article