Netflix Party is stealing your browsing data

 

McAfee cybersecurity researchers have discovered five Google Chrome browser extensions that exhibit malicious behavior.

Once installed, they will monitor users' web browsing. This allows them to detect when victims visited an e-commerce site, and modify the cookie to make the platform believe the user arrived at the page via an affiliate link.

The hackers who developed these add-ons can get an affiliate commission when they make a purchase on a website. To avoid uninstalling or arousing users' suspicion, these add-ons offer the features they promise. They pose a threat to private life because they collect and exploit personal data. Hence it is recommended to delete it immediately.

In total, the extensions have amassed over 1.4 million downloads. Here are the 5 wrong extensions (in parentheses, know them to get to know them better):

Netflix Party (mmnbenehknklpbendgmgngeaignppnbe): Approx. 800,000 downloads

Netflix Party 2 (flijfnhifgdcbhglkneplegafminjnhn): about 300,000 downloads

Screenshotting (pojgkmkfincpdkdgjepkmdekcahmckjp): 200,000+ downloads

FlipShope (adikhbfjdbjkhelbdnffogkobkekkkej): about 80,000 downloads

AutoBuy Flash Sales (gbnahglfafmhaehbdmjedfhdmimjCBed): about 20,000 downloads

 The two most popular types allow you to organize Netflix watching sessions remotely, a feature that's native to Disney+ or Amazon Prime Video, but absent from Netflix, hence the need for an external service.

 Note that there was a legitimate Chrome extension called Netflix Party, but it has since been rebranded to Teleparty, supporting "Watch Party" on Disney Plus, Hulu, HBO Max, Amazon Prime Video, and even YouTube from Netflix.

Both Netflix Party extensions have been removed from the Chrome Web Store, but you must manually remove them from your browser if you already have them installed.