Connect with us

Hi, what are you looking for?

Tech News

This is how cybercriminals are stealing money using Amazon purchases

This is how cybercriminals are stealing money using Amazon purchases

FILE PHOTO: Google Chrome logo is seen near cyber code and words “spy” in this illustration picture taken June 18, 2020. REUTERS/Dado Ruvic/Illustration/File Photo

The extensions that can be installed in Google Chrome they are very useful for most everyday users. But they can also be a tool to access your personal data. In this case, a recent McAfee investigation revealed 5 malicious extensions recommended to uninstall.

These five extensions have sounded the alarm for their performance and also because add 1.4 million downloads. In general, its task is to monitor user activity while browsing the Internet and modify its cookies to add a referral link.

Advertisement. Scroll to continue reading.

Which extensions are a danger to the user

Everyone knows that any professional person can get a commission for purchases on sites like Amazon if they follow an affiliate link. That is why attackers use these extensions to automatically refer their affiliates to these links amazon or other stores to generate economic profit.

The investigation determined that the affected extensions were 5, and had 1.4 million downloads globally. The list is as follows:

Advertisement. Scroll to continue reading.

– Netflix Party (800,000 downloads) and Netflix Party 2 (300,000 downloads)

Netflix Party 1 and 2, now both known as TelePartyis a browser extension to watch TV remotely with friends.

For example, for movie nights with that special someone from long distance. Synchronize video playback and group chat can be added to your favorite streaming sites.

Advertisement. Scroll to continue reading.

Teleparty can be used to connect with friends and host long-distance movie nights and TV parties with support for Netflix, Youtube, Disney Plus, hulu, hbo max Y Amazon Prime Video.

Photo: Teleparty
Photo: Teleparty

– Full Page Screenshot Capture – Screenshotting (200,000 downloads)

This is a simple free screen recording and screenshot tool, in which you can quickly share your screen and capture the entire page. Basically, this is a two-in-one tool for recording and capturing screenshots.

Google Chrome called Full Page Screenshot Capture?  Screenshotting.  (photo: Google Chrome Store)
Google Chrome called Full Page Screenshot Capture? Screenshotting. (photo: Google Chrome Store)

– FlipShope – Price Tracker Extension (80,000 downloads)

FlipShope is a popular Google Chrome browser extension that allows its users to track and view price charts for a product on various web sites. electronic commerce.

Advertisement. Scroll to continue reading.

This extension is compatible with most of the popular online shopping platforms like Amazon, Flipkart, Snapdeal, Myntra, Shopclues, AJIO and many more.

FlipShope - Price Tracker Extension.  (photo: Google Chrome Store)
FlipShope – Price Tracker Extension. (photo: Google Chrome Store)

– AutoBuy Flash Sales (20,000 downloads)

With this Google Chrome extension, users can buy smart phones in “fast sellers” like Redmi Note 11T 5G, Sony PS5, Infiniti Note 11 and more.

Auto Buy Flash Sales.  (photo: Google Chrome Store)
Auto Buy Flash Sales. (photo: Google Chrome Store)

How these extensions work

In all these cases, the extensions work the same. When installed in Chrome, an uploaded multifunction script sends all browsing data to a domain controlled by the attacker. This information includes the URL visited, the user’s identification and also the location.

Advertisement. Scroll to continue reading.

If the URL of this website matches one of the linked sites, the server responds by inserting the URL with the attacker’s affiliate unit and possibly also modifying the cookie.

Without a doubt, it is something that does not seek to block or slow down navigation, but monetize visits to Amazon, Ebay or any other store that offers affiliates.

Amazon.  (photo: REUTERS/Dado Ruvic)
Amazon. (photo: REUTERS/Dado Ruvic)

Obviously, they are always interested in going completely unnoticed, and that is why the developers set a delay time to start operating.

This is from 15 days and it will be from here when the activity of sending all the navigation data begins and URL spoofing.

Advertisement. Scroll to continue reading.

What to do in these cases, according to McAfee

“McAfee advises its customers to be cautious when installing Chrome extensions and to pay attention to the permissions they are requesting,” the company says.

“Chrome will display permissions before extension installation. Customers should take additional steps to verify authenticity if the extension requests permissions that allow it to run on all websites you visit, such as the one detailed in this blog,” the report concludes.

Advertisement. Scroll to continue reading.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement

Related

This is how humans and artificial intelligence work to create AI developments too

Tech News

Artificial intelligence. (photo: VentureBeat) platform artificial intelligence (AI) Geti enables human teams ranging from data scientists to domain experts to improve their ability to...

(Fonte: Amazon/Divulgação) (Fonte: Amazon/Divulgação)

Entertainment

Amazon Prime Video released this Wednesday (28) the official release date for the 3rd season of Jack Ryan. If you wanted a Christmas full...

You have to use a magnifying glass to look for changes in the S23 Ultra You have to use a magnifying glass to look for changes in the S23 Ultra

Android

The continuation of the Galaxy S22 Ultra is expected with an unchanged display, a small increase in size and very similar camera parameters, with...

Date of Apple's next quarterly report nailed Date of Apple's next quarterly report nailed

Apple

It is now clear that Apple will present its next quarterly report on Thursday, October 27. Given that the iPhone accounts for more than...

Advertisement

You May Also Like

Entertainment

Amazon Prime Video released this Wednesday (28) the official release date for the 3rd season of Jack Ryan. If you wanted a Christmas full...

Android

Amazon will launch a new tablet on October 19 in four configurations. The base is a Fire HD 8 tablet, slightly stronger than this...

Mobiles

For the first time since 2019, Amazon has updated its basic e-book reader, the Kindle. The device “All-new Kindle (2022 release)” you have to...

Tech News

Dating apps (Photo: Special) Finding love on the internet is not always a positive adventure, because many times can fall into the hands of...

Advertisement