Popular app installed by 222,746 Firefox users to protect their privacy has been TRACKING the websites they have visited
- The popular Web Security app has been installed by 222,746 Firefox users
- It was caught snooping at the browsing history of websites users had visited
- Just last week the the add-on was recommended on the official Firefox blog
- Data showed the plugin tracked individual users as well as browsing patterns
Mozilla Firefox users have had their online history tracked by an app that was designed to protect privacy.
The popular Web Security app, which has been installed by 222,746 Firefox users, was caught snooping at the websites users visited.
It was doing so by recording each page a user clicked on in the browser and then forwarding this information to a specific address on the internet where it was stored.
This is despite it claiming to actively protecting users ‘from malware, tampered websites or phishing sites that aim to steal your personal data.’
Last week the add-on was even recommended on the official Firefox blog.
Just last month another popular plug-in for Google Chrome and Mozilla Firefox was also found to be recording what users did online.
Scroll down for video
Mozilla Firefox users may have had their entire online history recorded by an app designed to protect users’ privacy (stock image)
The reports were made by Raymond Hill, the author of uBlock Origin and Mike Kuketz, a German privacy and security blogger.
‘With this extension, I see that for every page you load in your browser, there is a POST to http://22.214.171.124/’, Mr Hill wrote on Reddit last week.
‘The posted data is garbled, maybe someone will have the time to investigate further.’
Just days later, Mr Kuketz posted about the same behaviour.
Someone visiting his forum then decoded the data and revealed that the add-on was sending the URL to a German server.
- Heartbreaking image of a decomposed green sea turtle with… Gove to restrict sale of wet wood for middle class stoves… 16 year-old hacker who says he ‘dreamed of working for… Google facing massive backlash as 1,400 employees sign…
Share this article
The data showed the plug-in was tracking individual users as well as their browsing patterns.
In a statement to Bleeping Computer, a spokesperson for Creative Software Solutions who created the add-on said; ‘The addon Web Security is as the name says is a security addon, that protects the user from abusive websites to protect their data and privacy.
‘We do not want sites to track and steal the users data or browsing history.
‘One of the security aspects includes checking the requested site against a global blacklist, thus the communication between the client and our servers is unavoidable, while we keep it to a absolute minimum and do not log this communication.’
The spokesperson also said that the add-on had been processed by Mozilla’s verification staff.
The add-on has not currently been removed from the Mozilla add-on portal.
MailOnline has contacted Mozilla and Creative Software Solutions for comment.
The popular Web Security app which has been installed by 222,746 Firefox users and was caught snooping at the websites users visited
Just last month it was revealed another popular plug-in for the Google Chrome and Mozilla Firefox was recording everything users did online.
The software, which is designed to allow users to customise the appearance of how webpages appear inside the web browsers, has been hijacked by spyware.
The extension, which has more than 1.8 million users worldwide, may have been recording the browsing history of everyone who uses it.
Worse still, this browsing data could be linked to details that make users identifiable in the real world, making them vulnerable to hackers and blackmailers.
The plug in has since been removed from both Google Chrome and Mozilla Firefox’s respective official stores.
An expert discovered that software is designed to allow users to customise the appearance of how web pages appear in Chrome and Firefoz, had been hijacked by spyware. The extension may have been recording the browsing history of everyone who uses it (pictured)
The finding was made by Robert Theaton, a software engineer from San Francisco, who discovered the software, dubbed Stylish, had been recording browser history since January 2017, when it was bought by new owners SimilarWeb.
Writing on his blog, Mr Theaton said: ‘It only takes one tracking request containing one session cookie to permanently associate a user account with a Stylish tracking identifier.
‘This means that Stylish and SimilarWeb still have all the data they need to connect a real-world identity to a browsing history, should they or a hacker choose to.’
Stylish sends complete browsing activity back to its servers, together with a unique identifier, he claims.
That includes actual Google search results from your browser window.
The finding was made by Robert Theaton, a software engineer from San Francisco, who discovered the software, called Stylish, had been recording browser history since January 2017, when it was bought by new owners SimilarWeb. This image shows the Firefox version
This allows its new owner, SimilarWeb, to connect an individual with all of their online activity.
Those who have created a Stylish account on userstyles.org will have a unique identifier that can easily be linked to a login cookie and text files intended to help users access a website faster and more efficiently.
This means that not only does SimilarWeb own a copy of any user’s complete browsing histories, they also own enough other data to theoretically tie these histories to email addresses and real-world identities.
HOW CAN YOU PROTECT YOUR INFORMATION ONLINE?
Because hackers are becoming more creative, security experts are warning that consumers need to take all possible measures to protect their identities (file photo)
Source: Read Full Article