Avast Online Security, AVG Online Security, Avast SafePrice, AVG SafePrice are four commonly browser extensions that are caught accumulating much more data from its millions of users than they intend to. Even your detailed browsing history.

If any of the four extensions offered by Avast and its subsidiary AVG are installed in your Firefox or Chrome browser, you should disable or remove them as quickly as possible.

Most people do not even bother remembering that they downloaded or installed these extensions. This is probably because when users download Avast or AVG antivirus on their PCs, their respective add-ons are automatically downloaded on the browsers of the users.

Avast and AVG Extensions were designed to caution users about accessing a malicious or phishing website; while SafePrice extensions help online shoppers know about best offers, price comparisons, travel deals, and discount coupons from various sites.

User Data Sent to Avast

“Tracking tab and window identifiers as well as your actions allows Avast to create a nearly precise reconstruction of your browsing behavior: how many tabs do you have open, what websites do you visit and when, how much time do you spend reading/watching the contents, what do you click there and when do you switch to another tab. All that is connected to a number of attributes allowing Avast to recognize you reliably, even a unique user identifier,” Palant said.

The malicious comportment of Avast and AVG extensions was exposed nearly a month ago by Wladimir Palant, who explained how extensions send a huge amount of data on browsing habits of users, listed below, to the servers of the company — “far beyond what’s necessary for the extension to function.”

  • Full page URL, including query section and anchor data
  • Page Title
  • Referrer URL
  • How you landed on a page. (i.e. using a bookmark or clicking a link, etc.)
  • Unique User Identity (UID) created by the Tracking Extension
  • Country Code
  • Browser Version and name
  • Operating system and exact version number
  • Your history (i.e. whether you are visiting first time or visited before)

Mozilla took immediate action on reporting by temporarily removing the extensions from its Firefox add-on store within 24 hours until the issue was resolved by Avast. Mozilla said, “This add-on violates Mozilla’s add-on policy by collecting data without user disclosure or consent”

On the other hand, the four plugins are still available on the Google Chrome Web Store, but after “considerable news coverage,” Palant claims that they will be disabled by the tech giant.

Related articles

Microsoft tool checks Exchange Servers for ProxyLogon hacks
Miscellaneous / Security Updates

Microsoft tool checks Exchange Servers for ProxyLogon hacks

By CertX
Zero-Day Vulnerability and Its Potential Impact on Organizations
Miscellaneous

Zero-Day Vulnerability and Its Potential Impact on Organizations

By CertX
What is Application Security and Why Is It Important?
Miscellaneous

What is Application Security and Why Is It Important?

By CertX
Microsoft Takes Down Web Domains Used by North Korean Hackers
Company News / Miscellaneous

Microsoft Takes Down Web Domains Used by North Korean Hackers

By CertX
All You Should Know about Penetration Testing
Miscellaneous

All You Should Know about Penetration Testing

By CertX

Leave a Reply

Your email address will not be published. Required fields are marked *