Most of your Chrome Extension have unlimited access of all your browsing:
- they could potentially steal your personal data, the content of all your emails, your banking details, your customer's data and all the content of all the websites open in all your tabs, even when you do not visit them.
- They have an easy access to all your passwords as you insert them. They could potentially stole them.
- They could very easily store your cookies and access, on your behalf, all your apps, emails, bank accounts, from remote servers.
While monitoring the activity of certain popular extensions like Hola Internet , counting 9 millions users (view details, but don't install !), we found that certain Extensions are visiting websites on our behalf, in the background of our browsers, without our explicit consent.
FREAKY ISN'T IT ?
Then we found that 80% of extension's developers don't have websites or don't have a support email or are hiding their personal data behind anonymous services. Many are located in countries where data privacy is not a concern.
CHROME extensions' Security breaches