Internet Security

8 Browser Extensions You Should Remove Now Due to DataSpii

Georgina Torbet 22-08-2019

A major security issue has been discovered in a number of browser extensions for both Firefox and Chrome. These browser extensions are harvesting your data, and you should remove them immediately.


The extensions are collecting massive amounts of very personal data from people’s web browsers, and selling this data on to third parties. The leak is so serious that it has been termed “catastrophic,” and it’s affecting both companies and individuals alike.

The Browser Extensions You Need to Uninstall

Uninstall these browser extensions now - Chrome extensions

The extensions affected by this vulnerability are available for both Chrome and Firefox, as well as Chromium-based browsers such as Opera and Yandex Browser. And it doesn’t matter what operating system you’re using.

Whether you’re on Windows, macOS, Chrome OS, or even a Linux distribution like Ubuntu. If you have these extensions installed in your browser, they ARE stealing your data.

The affected Firefox extensions are as follows:

  • Helper
  • FairShare Unlock
  • SuperZoom

And the affected Chrome extensions include two of the same, plus a number of others:

  • FairShare Unlock
  • SuperZoom
  • Hover Zoom
  • SpeakIt!
  • PanelMeasurement
  • Branded Surveys
  • Panel Community Surveys

Of these, both SpeakIt! and FairShare Unlock have more than one million users worldwide. So there are plenty of people who are at risk from this security vulnerability.

It’s worth checking whether your browser could be syncing your extensions as well. For example, if you have sync enabled on Google Chrome, your extensions may be mirrored between all the machines you use. This means an infection can spread from your home computer to your work computer.

What Data Are These Extensions Collecting?

The sheer volume and variety of data that is vulnerable to this issue is scary. If you install any of these extensions in your browser, they could collect information on you such as:

  • Usernames
  • Passwords
  • Credit card information
  • Gender
  • Personal interests
  • GPS location
  • Tax returns
  • Travel itineraries
  • Genealogy
  • Genetic profiles

If you install the extensions on a computer at your workplace, they could also collect information about your company, including company memos, firewall access codes, API keys, and more.

This information is hoovered up by the browser extensions. It is then sold on by a company which specializes in data analytics.

How the Extensions Collecting Your Data Work

Some of the extensions which collect data do mention what they are doing in their terms and conditions. In the fine print there are sometimes warnings that an extension will collect browsing data.

However, most users do not read terms and conditions. And it seems likely that that they would not agree to give over so much of their data if the knew about it.


Sam Jadali, the security researcher who discovered the data leak, named it “DataSpii”. Even security measures like authentication or encryption cannot prevent this issue. It works by using browser application interface functions (what are APIs? What Are APIs, And How Are Open APIs Changing The Internet Have you ever wondered how programs on your computer and the websites you visit "talk" to each other? Read More ) which do have legitimate uses. But in this case the API functions are used maliciously.

To avoid detection, the extensions use clever obfuscation techniques like waiting 24 hours after installation before data siphoning began. This means that even if users examine an extension carefully after installing it, they would not spot the nefarious behavior as it would not begin until one day later.

Further, even if a user uninstalled an extension, their data would still be held by the extension and could be sold on to a third party.

What Information Sources Are These Extensions Leaking?

Uninstall these browser extensions now - Skype calls


The main source of information that these extensions collect is through shared links. For example, say you are setting up a Skype meeting. You would email a link to the people you want to meet with. Then they click the link to join your meeting.

If you have one of these browser extensions installed, it can intercept that link. When you open a link in your web browser, the extension is able to see your actions. The extension can then even eavesdrop on your meeting. The same thing can happen with other conferencing software like Zoom.

Another scary information source of data leaks is ancestry sites like 23andMe. When you are given a 23andMe report on your DNA, the company sends you a link allowing you to share your results with friends and family. If you click this link then the browser extensions can intercept this page too, collecting information on your family DNA and even biomedical data such as your muscle composition.

A similar data leak can also occur in all sorts of other situations, like when you visit your Apple iCloud account, when you place an order with, or when you use the web interface for your Nest surveillance videos. If you use online accountancy services like Quickbooks then the extensions can gather data about your taxes too.

Why It’s Hard to Protect Against These Data Leaks

As the extensions can spy on users through the use of shared links, one person with a compromised browser can inadvertently compromise their friends, family, and colleagues as well.

This makes it very hard for companies and individuals to protect against this kind of data leak. If someone you know has installed one of these extensions and they share a link or a Skype call with you, your data could be compromised even if you have never installed the extension yourself.

As Jadali said in his report on DataSpii:

“Even the most responsible individuals proved vulnerable to DataSpii; with vast budgets and myriad experts on hand, even the largest cybersecurity corporations proved vulnerable to DataSpii. Our data is only as secure as those with whom we entrust it.”

Be Careful When Installing Browser Extensions

This incident demonstrates why you need to be careful when installing browser extensions. Because even an extension that looks harmless could be hiding malicious code or stealing your data.

For this reason, make sure to research the reliability of a browser extension before installing it. Even a quick Google search should help. And here are some popular Firefox extensions you should remove right now 5 Popular Firefox Extensions You Should Remove Right Now Firefox extensions are great, but some of them are dangerous or useless. Here are five Firefox add-ons nobody should have installed. Read More to help you get started.

Related topics: Browser Extensions, Data Harvesting, Data Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. paul
    August 23, 2019 at 10:08 am

    Our 3-letter agencies are working overtime to make sure industries like Hollywood milk users of every cent worldwide. Where have they ever been regarding this?

  2. Bill
    August 22, 2019 at 4:14 pm

    The "stores" that these are uploaded to and downloaded from are supposedly trusted sources. They should be held accountable.

  3. dragonmouth
    August 22, 2019 at 11:55 am

    Why worry about a few browser extensions when the browsers themselves are harvesting user's personal data???!!!

    • Joseph Pollock
      August 28, 2019 at 12:29 pm

      Good point, but for those of us using Vivaldi or a similar privacy-oriented browser, it is an issue and it's another company getting the data widening exposure.

      Luckily, I don't have any of those extensions. (Knock on silicon ...)