Home News 287 Chrome Extensions Leak Browsing Data of 37.4 Million Users to Major Corporations
News

287 Chrome Extensions Leak Browsing Data of 37.4 Million Users to Major Corporations

147
Illustration of Google Chrome browser with multiple extensions installed, highlighting data being transmitted from the browser to third-party corporations.
287 Chrome extensions are secretly harvesting users’ browsing history and sending it to corporations like Similarweb and Alibaba.

287 Chrome Extensions Leak Private Browsing Data of 37.4 Million Users

A new investigation by security researcher Q Continuum has revealed that 287 Google Chrome extensions are actively harvesting the private browsing histories of approximately 37.4 million users. The report highlights how tools that appear “harmless,” such as ad blockers and search assistants, are being used to collect sensitive data and sell it to corporations and data brokers.


How the Data is Collected

The research team employed a man-in-the-middle proxy to monitor outgoing data from Chrome extensions. Using Docker to simulate real browsing behavior, they scanned the top 32,000 apps on the Chrome Web Store.

Key findings include:

  • Many extensions send user data in plain text or obscure it using Base64 or AES-256 encryption.
  • Some extensions wait until users accept privacy policies before transmitting data.
  • The 37.4 million figure is likely conservative, with actual numbers potentially higher.

The collected data includes Google search URLs, user IDs, and browsing history, which are detailed enough to be de-anonymized and linked to real identities.


Major Corporations Receiving Data

While some extensions are created by small developers, many are connected to large companies, including:

  • Similarweb (extensions affecting ~10.1 million users)
  • Alibaba Group
  • ByteDance
  • Semrush
  • Big Star Labs

Interestingly, around 20 million users could not be linked to a specific company, suggesting that shell companies or third-party analytics partners may be involved.


Popular Extensions Implicated

Some well-known tools were flagged, including:

  • Stylish (custom theme tool)
  • Ad Blocker: Stands AdBlocker
  • Poper Blocker, CrxMouse, and Block Sit
  • SimilarWeb – Website Traffic & SEO Checker

The investigation found that some extensions are sold or repurposed to function as data-harvesting tools, and multiple extensions may be used to mask the collection process.


Privacy Implications

The study emphasizes a transparency gap in the Chrome Web Store. Users often do not anticipate or understand how their data is being harvested.

John Carberry, Solution Sleuth at Xcape Inc., commented that:

  • The extension ecosystem acts as a “vast, legalized surveillance system.”
  • Businesses may be exposed because full URLs can reveal internal corporate domains, session tokens, and sensitive cloud resources.
  • Users are often paying for “free” products with their data instead of money, highlighting the hidden cost of privacy in the digital economy.

Recommendations for Users

  • Be cautious when installing free extensions, even if they appear legitimate.
  • Regularly review the permissions requested by Chrome extensions.
  • Limit sensitive activity in browsers where multiple extensions are installed.
  • Consider paid alternatives that are explicitly privacy-focused.

This investigation underscores the risks of routine data harvesting and the need for stronger safeguards forHere’s a rewritten and structured version of your article with all the key points preserved, followed by 10 alternative title suggestions:


287 Chrome Extensions Leak Private Browsing Data of 37.4 Million Users

A new investigation by security researcher Q Continuum has revealed that 287 Google Chrome extensions are actively harvesting the private browsing histories of approximately 37.4 million users. The report highlights how tools that appear “harmless,” such as ad blockers and search assistants, are being used to collect sensitive data and sell it to corporations and data brokers.


How the Data is Collected

The research team employed a man-in-the-middle proxy to monitor outgoing data from Chrome extensions. Using Docker to simulate real browsing behavior, they scanned the top 32,000 apps on the Chrome Web Store.

Key findings include:

  • Many extensions send user data in plain text or obscure it using Base64 or AES-256 encryption.
  • Some extensions wait until users accept privacy policies before transmitting data.
  • The 37.4 million figure is likely conservative, with actual numbers potentially higher.

The collected data includes Google search URLs, user IDs, and browsing history, which are detailed enough to be de-anonymized and linked to real identities.


Major Corporations Receiving Data

While some extensions are created by small developers, many are connected to large companies, including:

  • Similarweb (extensions affecting ~10.1 million users)
  • Alibaba Group
  • ByteDance
  • Semrush
  • Big Star Labs

Interestingly, around 20 million users could not be linked to a specific company, suggesting that shell companies or third-party analytics partners may be involved.


Popular Extensions Implicated

Some well-known tools were flagged, including:

  • Stylish (custom theme tool)
  • Ad Blocker: Stands AdBlocker
  • Poper Blocker, CrxMouse, and Block Sit
  • SimilarWeb – Website Traffic & SEO Checker

The investigation found that some extensions are sold or repurposed to function as data-harvesting tools, and multiple extensions may be used to mask the collection process.


Privacy Implications

The study emphasizes a transparency gap in the Chrome Web Store. Users often do not anticipate or understand how their data is being harvested.

John Carberry, Solution Sleuth at Xcape Inc., commented that:

  • The extension ecosystem acts as a “vast, legalized surveillance system.”
  • Businesses may be exposed because full URLs can reveal internal corporate domains, session tokens, and sensitive cloud resources.
  • Users are often paying for “free” products with their data instead of money, highlighting the hidden cost of privacy in the digital economy.

Recommendations for Users

  • Be cautious when installing free extensions, even if they appear legitimate.
  • Regularly review the permissions requested by Chrome extensions.
  • Limit sensitive activity in browsers where multiple extensions are installed.
  • Consider paid alternatives that are explicitly privacy-focused.

This investigation underscores the risks of routine data harvesting and the need for stronger safeguards for web users.

1 Comment

  • “This is a serious privacy warning for Chrome users. Even ‘harmless’ extensions can collect and sell your browsing data to major corporations. Always review extension permissions and consider privacy-focused alternatives.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

NewsSecurity

Telegram’s t.me Domain Goes Offline Worldwide After Registry Imposes ServerHold

Telegram’s t.me Links Go Offline After Domain Registry Places Hold on Address...

NewsSecurity

Critical U-Boot Flaws Could Let Hackers Install Stealthy Firmware Malware

New U-Boot Bootloader Flaws Could Enable Stealthy Firmware-Level Attacks Security researchers have...

NewsSecurity

Exposed Hacker Server Reveals Massive Campaign Compromising 25,000 WordPress Websites

Exposed Server Reveals 25,000 Hacked WordPress Websites in Large Cybercrime Campaign A...

NewsSecurity

Hidden Tenda Router Backdoor Gives Hackers Full Administrator Access

Hidden Backdoor in Tenda Router Firmware Allows Attackers to Gain Admin Access...