Spyware that spoofs Chrome extensions and mobile apps to collect Facebook data is discovered

by Richard Patterson

Spyware is software that collects secret information on users and automatically transmits them to specific people or groups. The fact that "spyware spoofed as Chrome extension and Android application is secretly sending Facebook user data" was announced on " AdGuard " blog which develops advertisement blocker.

Unimania: I Need Your Facebook Data, Location, And Your Browsing History
https://adguard.com/en/blog/unimania-spyware-campaign/

AdGuard co-founder Andrey Meshkov saw automatic scanning of the privacy features of the Chrome extension and found that several extensions were making suspicious requests for Facebook domains It was. Meshkov said that he investigated these suspicious Chrome extensions.

Extended functions that are making suspicious requests are " Video Downloader For Facebook ", " Album & Photo Manager For Facebook ", " PDF Merge - PDF Files Merger " and " Pixcam - Webcam Effects " It was an extension with. When all four are combined, it is said that nearly 420,000 users installed these Chrome extensions.

Spyware disguised as these extensions said that it automatically started collecting Facebook user data when users launched the browser with logged in on Facebook. The data collected by spyware includes information such as "Facebook profile data", "Facebook post", "read posts", "advertisements seen", "browsing history of YouTube", all of which are " um - public It was sent to the domain " -panel-prod.s3.amazonaws.com ".

Mr. Mukhukov further investigated and found out that it is the company Unimania that provides these extensions. Unimania insists that its location is Tel Aviv in Israel, but Mr. Melkov said that referring to Israel's company registry, he could not find a company named Unimania.

Mr. Mr. Koff, who thought that the investigation would end here, discovered the phrase "Google Chrome extension and mobile application" in the privacy policy of the extension, "Maybe Uniania also released mobile applications I thought that. And Mr. Mürkov was connected to Unimania 's server " Fast - Social App ", more than 10 million times of Facebook installed alternate app is connected to Unimania' s server, but also in the privacy policy Unimania He said that he found out that he mentioned it.

Similarly, three applications connected to or referring to Unimania's server, " Fast Lite - Social App + Twitter ", " PhotoMania - Photo Effects ", " All In One Social Media" Fast " He says. Although two of "PhotoMania" and "All In One Social Media" Fast "could not confirm the connection to the server, they said that there is a possibility of collecting user data in the past.

by www.shopcatalog.com

In addition, at the time of article creation, these Chrome extensions and Android apps have all been deleted and can not be installed anymore. However, there is a possibility that similar data sending functions are embedded in other browser extensions and applications, so care must be taken when installing new extensions and applications.