Browser add-ons from various antivirus vendors are spying on you
According to a report by penetration tester Mike Kuketz, the browser add-ons of some antivirus vendors transfer far too much data. The extensions from Avast, Avira, Bitdefender, Comodo and Symantec transfer the full URL of the visited websites.
The freelance penetration tester Mike Kuketz has taken a critical look at the browser extensions of various antivirus manufacturers in recent days.
Kuketz found that the extensions:
- Avast Online Security from Avast
- Avira Browser Safety from Avira
- Bitdefender TrafficLight for Firefox by Bitdefender
- Online Security Pro by Comodo
- Norton Safe Web from Symantec
transfer the complete Internet address of the visited web pages to the server of the respective manufacturer. The companies usually justify this by saying that it lets them recognize dangerous web pages (phishing etc.) and block them automatically. According to Kuketz, it would be sufficient to simply transfer the domain name. Then the manufacturers would find out far less about the surfing behaviour of their customers. The current implementation is "not particularly data protection-friendly".
⚠️ Avast Online Security generates a unique user ID
Avast Online Security also assigns each user a unique user ID so that Avast can recognize them at any time. A large amount of transferred data also means that, in theory, the information could be misused. In this context, Kuketz rightly refers to the scandal when it became known that the Firefox add-on "Web of Trust" had spied on millions of users - including some members of the German Bundestag. By the end of 2016, NDR journalists had revealed how a million-dollar business had been generated from the collected data.
But back to the browser add-ons:
It would have to be clarified whether the users are fully informed by the manufacturers. After all, their complete surfing behavior is logged. It is also questionable what happens to all the recorded data afterwards! Is it simply deleted?
Tip
Just check your own browser for all installed extensions; that doesn't even cost five minutes of our precious lifetime! Everything you don't use regularly should be thrown out immediately! The fewer extensions are installed, the better. The best data is no data. If no data is collected, no one can use it. Otherwise we will soon be "naked on the net" again, as we were in November 2016. Who wants that?
https://www.kuketz-blog.de/browser-add-ons-wie-antiviren-hersteller-ihre-nutzer-ausspionieren/
https://t.me/cRyPtHoN_INFOSEC_DE/2021
#AntiVirus #Browser #Addons
@cRyPtHoN_INFOSEC_DE
@cRyPtHoN_INFOSEC_EN
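To make the full-URL versus domain-name point concrete, here is an added example (not code from Kuketz or any of the vendors) that compares what a lookup server learns in each case. The function names and the sample history are assumptions constructed for illustration.

```javascript
// Added example: what a reputation lookup discloses when the full URL is
// sent versus only the host name. All URLs below are constructed samples.

// Everything the vendor's server learns when it receives the full URL.
function disclosedByFullUrl(rawUrl) {
  const u = new URL(rawUrl);
  return {
    host: u.hostname,
    path: u.pathname,
    queryKeys: [...u.searchParams.keys()],
    hasCredentials: u.username !== "" || u.password !== "",
    fragment: u.hash.slice(1),
  };
}

// Data-minimised lookup key: host name only, and only for web schemes.
// Local files, about: pages and unparsable input never leave the browser.
function minimizeForLookup(rawUrl) {
  let u;
  try { u = new URL(rawUrl); } catch { return null; }
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  return u.hostname.replace(/\.$/, "");
}

// With host-only keys a local cache can answer repeat visits, so the
// vendor sees one lookup per host instead of one per page view.
function lookupsSent(history) {
  const seen = new Set();
  for (const raw of history) {
    const key = minimizeForLookup(raw);
    if (key !== null) seen.add(key);
  }
  return [...seen];
}

const sampleHistory = [
  "https://user:pw@clinic.example.org/patients/4711/results?token=abc123&lang=de#lab",
  "https://clinic.example.org/appointments?date=2020-09-03",
  "https://shop.example.com/cart?session=9f2c",
  "file:///home/alice/taxes-2019.pdf",
];

console.log(disclosedByFullUrl(sampleHistory[0]));
console.log(lookupsSent(sampleHistory));
```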
Firefox Nightly for Android to get full add-ons support
The Nightly version of the new Firefox web browser for Google's Android operating system will soon get full add-ons support according to a post by Mozilla's Add-ons Community Manager Caitlin Neiman on the official Mozilla Add-ons blog.
Mozilla launched a completely redesigned version of Firefox for Android in July 2020. The browser replaced the underlying engine with Mozilla's new mobile browser engine GeckoView to improve web compatibility and performance of the browser.
Firefox users were migrated to the new version automatically, provided that the automatic update function was not disabled. One of the main issues that some users experienced after the upgrade was that add-ons support was limited.
The new Firefox supported nine extensions, and not the thousands of extensions that were supported by the previous versions. While these were the most popular based on user installs, it meant that Firefox users noticed that all other extensions were disabled and could not be used anymore.
Mozilla did promise to bring full add-ons support to Firefox, and it appears that a first step is being made soon in that regard.
https://www.ghacks.net/2020/09/03/firefox-nightly-for-android-to-get-full-add-ons-support/
#Mozilla #Firefox #Nightly #addons
Forwarded from BlackBox (Security) Archiv
List of compromised websites and scope of damage, by Nano Adblocker and Defender
So far from vungsung's comment, we learned that some session cookies of Nano Adblocker and Defender are stolen
Users need to log out of ALL sessions of a website and log in again to refresh session cookies
Changing passwords can force a refresh of session cookies
For further investigation by tweedge of this incident, go to #5 (comment)
Please go to #4 for rant and #3 or #2 for other issues
You may have one or more accounts, or none, affected depending on your luck
‼️ Websites already confirmed to be compromised ‼️
- Instagram
‼️ Websites that may be compromised, needs confirmation ‼️
- GitHub
- Microsoft account
- Twitch
https://github.com/jspenguin2017/Snippets/issues/5
Read as well: Nano Adblocker & Nano Defender was sold and should now be considered malware.
https://t.me/BlackBox_Archiv/1440
#adblocker #extensions #addons #malware #compromised
@cRyPtHoN_INFOSEC_DE
@cRyPtHoN_INFOSEC_EN
@BlackBox_Archiv
@NoGoolag
GitHub
Thanks for helping new devs to selling data. · Issue #4 · jspenguin2017/Snippets
Our all cookies and sessions copied because of you
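
For the advice above to review installed extensions, and for the cookie theft reported in the Nano Adblocker and Defender post, here is an added example (not code from any project named on this page) that flags extension manifests granting access to every visited URL or to the cookies of all sites. The manifests, extension names and finding labels are constructed assumptions; the permission strings are the standard WebExtension ones.

```javascript
// Added example: review extension manifests for the access that URL
// reporting and cookie theft depend on. The manifests are constructed.

const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
const URL_APIS = new Set(["tabs", "history", "webNavigation"]);

function auditManifest(manifest) {
  // Manifest V2 mixes host patterns into "permissions"; V3 moves them
  // to "host_permissions". Content scripts carry their own match list.
  const granted = [...(manifest.permissions || []), ...(manifest.host_permissions || [])];
  const scriptHosts = (manifest.content_scripts || []).flatMap((cs) => cs.matches || []);
  const allSites = granted.some((p) => BROAD_HOSTS.has(p));
  const scriptsEverywhere = scriptHosts.some((p) => BROAD_HOSTS.has(p));

  const findings = [];
  if (allSites || scriptsEverywhere || granted.some((p) => URL_APIS.has(p))) {
    findings.push("sees-visited-urls");
  }
  // The cookies API only returns cookies for hosts the extension may access.
  if (granted.includes("cookies") && allSites) {
    findings.push("reads-cookies-of-all-sites");
  }
  return { name: manifest.name, findings };
}

// Extensions worth a closer look, most findings first.
function reviewList(manifests) {
  return manifests
    .map(auditManifest)
    .filter((r) => r.findings.length > 0)
    .sort((a, b) => b.findings.length - a.findings.length);
}

const installed = [
  { name: "Constructed Notes", manifest_version: 3, permissions: ["storage"] },
  { name: "Constructed Web Shield", manifest_version: 2,
    permissions: ["tabs", "webRequest", "<all_urls>"] },
  { name: "Constructed Ad Filter", manifest_version: 3,
    permissions: ["cookies", "storage"], host_permissions: ["*://*/*"] },
  { name: "Constructed Dark Theme", manifest_version: 3,
    content_scripts: [{ matches: ["<all_urls>"], js: ["theme.js"] }] },
];

for (const r of reviewList(installed)) console.log(r.name, r.findings.join(", "));
```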