Security expert Robert Heaton uncovered a nasty surprise when analyzing the popular browser extension Stylish. The seemingly innocent extension allowed users to change websites’ themes to their liking, but underneath it did something more sinister.
Every time a Stylish user visited a website, an obfuscated version of the URL was sent to Stylish servers. In essence, a user’s entire browser history was being recorded by the extension. Nobody can be certain what the data was being used for (whether malicious or innocent), but seeing that the extension was owned by SimilarWeb, we can assume it was used for analytics. SimilarWeb is a company that ranks websites and sells estimated traffic statistics based on information they gather. Apparently, browser extensions are a source of data they use. What is most concerning is that we don’t know whether individual users’ website histories were being sold, and it is unlikely that we will ever find out.
So, who knows what other extensions are doing similar things? I can’t imagine how terrible things could turn out if an extension started stealing banking details or recording your credit card number. Hopefully, Google and Mozilla put a stop to these practices and audit extensions to stop things like this from occurring. In any event, it is best to use a browser without any third-party components when you need security the most.