Daily Tech News, Interviews, Reviews and Updates

Chrome Extensions that Insert Code Into eCommerce Sites Are Used By 1.4 Million Users

The Chrome extensions can change cookies on eCommerce websites so that their author obtains affiliate income for the purchased items, without the victim’s awareness, and they have a total install base of over 1.4 million.

The five malicious add-ons allow users to track online prices and coupons, watch Netflix shows with friends (Netflix Party and Netflix Party 2, with a combined install base of 1.1 million), take screenshots, and watch Netflix together (Full Page Screenshot Capture – Screenshotting, with 200,000 installs).

When a user views a new URL in a tab, the extensions subscribe to events that are triggered so they can send tracking information to the creator’s server, which determines whether the user has visited a website for which an affiliate ID is present.

Based on the server’s answer, the extension can inject an iframe URL and a cookie with the extension developer’s affiliate ID into the target website. The extension developer will then receive a commission for any purchases that users make on the target website.




Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

Advertisement

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More