These are being tracked and recorded, too.
Awesome screenshot chrome app password#
Let’s not forget that this isn’t only about unauthorized access to password protected sites: sites like YouTube, GitHub, and Google Docs allow you to create “private links” that aren’t intended for anyone’s eyes except those with whom you share the link. This collected information is being stored and sent over plaintext HTTP, which poses a security threat of itselfĮxactly what information is being shared with who is unknown, but there’s enough evidence that we suggest you be (at the very least) suspicious and uneasy.One company was able to connect niki-bot to similarwebie.exe, likely run by a company called “Similar Web” that is known to track and sell 3rd part data.Since the screenshot collected private URLs and could potentially access the user’s cookies, a malicious party could login as the user to password protected accounts.Other users found similar issues, tracing it back to Awesome Screenshot.Crawler ignores robots.txt and crawls everything including password protected URLs.“niki-bot” detected as a crawler with unusual activity.Connecting the dots led down the following (summarized) path:
Awesome screenshot chrome app code#
But it seems the code executed by Awesome Screenshot (or their ad partners) is taking some liberties that we wouldn’t suggest you tolerate.ĭetails of the naughty code aren’t blatantly obvious, but rather were uncovered after several Awesome Screenshot users noticed private URLs from their servers being accessed by a crawler called “niki-bot”. More likely they’ve packaged their extension with 3rd party code that allows them to earn money by anonymously gathering/selling user’s browser history- not much different than allowing cookies on your computer. I absolutely loved the extension and used it dozens of times per day, but recent reports claim it could contain malicious code that accesses sensitive data from your web browsing history.īefore we throw the creators of Awesome Screenshot under the bus, let’s be clear: we’re not suggesting they are purposefully doing something malicious. Spread the word: if you’ve got the Awesome Screenshot Chrome extension installed on your computer, you should remove it immediately.
0 kommentar(er)
