Is your browser history safe from these popular Chrome extensions?
Recent cybersecurity research confirms that 287 Google Chrome extensions are actively recording browsing history from approximately 37.4 million users. These extensions, including popular productivity and customization tools, transmit sensitive user data to third-party servers controlled by data brokers and undisclosed entities.
The Scale of the Data Breach
A massive privacy violation affects roughly 1% of the global Google Chrome user base. Security researchers identified 287 specific extensions that secretly capture and transmit the complete browsing history of their users. While many users install these tools for ad-blocking, productivity, or aesthetic customization, the software quietly functions as spyware in the background. This data collection happens without clear user consent, turning standard web navigation into a commercially tradeable asset for data brokers.
How the Tracking Works
The research team detected this espionage using a specialized automated testing environment. They ran Chrome inside a Docker container and routed internet traffic through a “man-in-the-middle” (MITM) proxy to inspect data leaving the browser. They discovered a direct correlation between the length of the URLs a user visits and the size of the data packets the extensions send out. This “leakage metric” proved that whenever a user loads a webpage, these extensions immediately send that specific address to an external server. To hide this activity, many extensions obscure the stolen data before sending it, using methods such as AES-256 encryption or ROT47 encoding.
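The correlation check described above can be sketched as follows. This is an added example, not the researchers' own tooling: the flow records, the placeholder hostnames and the slope and correlation thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from math import sqrt
from statistics import mean

# Constructed sample of proxy records: (destination host, length of the URL
# being visited, bytes in the outbound request body). Hosts are placeholders.
FLOWS = [
    ("collector.example", 20, 148), ("collector.example", 60, 200),
    ("collector.example", 120, 280), ("collector.example", 240, 440),
    ("collector.example", 480, 760),
    ("updates.example", 20, 312), ("updates.example", 60, 305),
    ("updates.example", 120, 318), ("updates.example", 240, 309),
    ("updates.example", 480, 314),
]

def fit(points):
    """Least-squares slope (bytes per URL character) and Pearson r."""
    xs, ys = zip(*points)
    mx, my = mean(xs), mean(ys)
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    sxy = sum((x - mx) * (y - my) for x, y in points)
    if sxx == 0 or syy == 0:  # constant sizes: nothing scales with the URL
        return 0.0, 0.0
    return sxy / sxx, sxy / sqrt(sxx * syy)

def leaking_hosts(flows, min_slope=0.5, min_r=0.9, min_samples=3):
    """Return hosts whose outbound size grows in step with visited-URL length.

    Obscuring the payload does not remove the signal: ROT47 keeps the length
    unchanged and Base64 multiplies it by about 4/3, so size still tracks
    the URL. Thresholds are assumed values, not taken from the research.
    """
    by_host = defaultdict(list)
    for host, url_len, body_bytes in flows:
        by_host[host].append((url_len, body_bytes))
    flagged = {}
    for host, points in by_host.items():
        if len(points) < min_samples:  # too few visits to judge
            continue
        slope, r = fit(points)
        if slope >= min_slope and r >= min_r:
            flagged[host] = (round(slope, 2), round(r, 3))
    return flagged

if __name__ == "__main__":
    for host, (slope, r) in leaking_hosts(FLOWS).items():
        print(f"{host}: {slope} bytes per URL character, r={r}")
```

Varying the URL length over a wide range, as the constructed sample does, is what makes the slope meaningful; a handful of similar-length URLs cannot separate a leak from a fixed-size telemetry ping.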
Who Is Collecting Your Data
The entities receiving this stolen data range from well-known analytics firms to obscure actors. The investigation points to major data brokers like Similarweb and associated entities such as “Big Star Labs” as primary recipients. Other identified groups include “Curly Doggo,” “Offidocs,” and various actors based in China. In some cases, extensions that appear to be legitimate security tools, such as specific versions of ad blockers or online safety utilities, were found participating in this data harvesting.
Immediate Steps for Users
You must take a minimalist approach to browser security to protect your privacy. Audit your installed extensions immediately and remove any that are not absolutely essential to your daily workflow. Be particularly skeptical of extensions that request broad permissions, such as the ability to “read and change all your data on the websites you visit.” Security experts recommend using only well-vetted tools from reputable developers and regularly checking for reports on malicious add-ons. If an extension offers a “free” service that seems too good to be true, it is likely monetizing your personal data.