Malicious Browser Extensions Exploit Users for Web Scraping Activities

Extensions installed on almost 1 million devices have been found to bypass essential security protections and transform browsers into tools that scrape websites for a paid service. These extensions, available across Chrome, Firefox, and Edge, have amassed close to 909,000 downloads. The main purpose of these plugins ranges from managing bookmarks and clipboards to enhancing audio volume and generating random numbers.

However, a common element among all these extensions is their integration of MellowTel-js, an open-source JavaScript library that developers use to monetize their extensions. Security researcher John Tuckner from SecurityAnnex uncovered that the monetization method involves covertly using these extensions to scrape data from websites for paying customers, including advertisers.

Arstechnica