Warning: Chrome extension 'User-Agent Switcher for Google Chrome' is suspicious

2 points

10 years ago

Earlier today I noticed every page I visited had this local storage key set: 'IPirat_installed = true'. I figured out this only happens when the extension 'User-Agent Switcher for Google Chrome'[0] is installed and enabled. (Not to be confused with 'User-Agent Switcher for Chrome'[1].)

Digging in the extension's source, I can see this key is set in common.js. I am a bit concerned this advertises that I have the extension installed, and that websites may be able to tell the extension to do something nefarious, like exfiltrate my browsing history. (But I don't have the skills to prove this one way or the other.)

Also, the extension is making various calls to an API, e.g. apparently fetching a list of redirects to implement.[2]

I don't know what else it's doing (I suspect rewriting shopping links to insert the creator's affiliate tags) but needless to say I've uninstalled it for now.

[0]https://chrome.google.com/webstore/detail/user-agent-switcher-for-g/ffhkkpnppgnfaobgihpdblnhmmbodake

[1]https://chrome.google.com/webstore/detail/user-agent-switcher-for-c/djflhoibgkdhkhhcedjiklpkjnoahfmg

[2]http://api.useragentswitcher.org/api/redirect2list?data-wid=1

3 comments